Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe

Overview

General Information

Sample name:SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Analysis ID:1436481
MD5:99f74d2572735bbacb8251a73e9cb312
SHA1:5a43d2e4314e32572d6399ec61175f42af567822
SHA256:b68bf709ac86ed32664e0e2ddd27da386281480979860e95240ced16f50fd926
Tags:exe
Infos:

Detection

Score:31
Range:0 - 100
Whitelisted:false
Confidence:0%

Compliance

Score:33
Range:0 - 100

Signatures

Found direct / indirect Syscall (likely to bypass EDR)
AV process strings found (often used to terminate AV products)
Contains functionality for read data from the clipboard
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to enumerate running services
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to retrieve information about pressed keystrokes
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates COM task schedule object (often to register a task for autostart)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
EXE planting / hijacking vulnerabilities found
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
File is packed with WinRar
Form action URLs do not match main URL
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found iframes
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTML title does not match URL
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
Queries information about the installed CPU (vendor, model number etc)
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses the system / local time for branch decision (may execute only at specific dates)

Classification

Analysis Advice

Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--")
Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox
Sample has a GUI, but Joe Sandbox has not found any clickable buttons, likely more UI automation may extend behavior
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
Sample has functionality to log and monitor keystrokes, analyze it with the 'Simulates keyboard and window changes' cookbook

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe (PID: 7468 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe" MD5: 99F74D2572735BBACB8251A73E9CB312)
    • PostUpdate.exe (PID: 7592 cmdline: "C:\Users\user\Desktop\PostUpdate.exe" MD5: 2D51866F9D1AA7FA9619EE68068D89F2)
      • ProcessLasso.exe (PID: 7752 cmdline: /postupdate MD5: 2A90A0E4D3294488FB6F81326306B55D)
        • chrome.exe (PID: 8040 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 4320 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2008,i,15519515346526546949,12768663373264760233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3004 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 4960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1984,i,5106367926550211044,9373728312157229491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5304 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 --field-trial-handle=1996,i,7114810720293782166,12932913640708286940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 8108 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 7716 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1984,i,2617033844371038707,2385638837885236536,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6692 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 824 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1948,i,16641894259137025231,17552674618342249670,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7964 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5124 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1984,i,18071265613074346824,7565659784721279921,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 5960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 6656 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1952,i,13378929248748638004,16609101256085625740,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3588 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 5896 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1992,i,3103486031131948529,12771731290429994548,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6184 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 3844 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=2000,i,4281038644087026732,4404549652330960055,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7076 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 7948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1984,i,16754105667391397097,1628277584012059700,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 1448 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 1456 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1988,i,13307509518589281415,1496618762875588576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 4124 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1984,i,10167203328593902513,15389311701757241189,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 5472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 2324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1724,i,14353911626792566164,9578348925622307936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 4824 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
          • chrome.exe (PID: 1312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1988,i,7229309035351989711,14618348612749984897,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • bitsumsessionagent.exe (PID: 7724 cmdline: C:\Users\user\Desktop\bitsumsessionagent.exe ---------------------------------------------------------------- MD5: BACDA076E8252AFF54E3F66333FACEA6)
  • bitsumsessionagent.exe (PID: 7744 cmdline: C:\Users\user\Desktop\bitsumsessionagent.exe ---------------------------------------------------------------- MD5: BACDA076E8252AFF54E3F66333FACEA6)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\testlasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\CPUEater.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ThreadRacer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\TweakScheduler.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\vistammsc.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\InstallHelper.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessLasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessGovernor.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\Insights.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\LogViewer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\plActivate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\bitsumsessionagent.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeEXE: C:\Users\user\Desktop\QuickUpgrade.exeJump to behavior
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Form action: https://wordpress.com/email-subscriptions bitsum wordpress
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=false
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: Title: Get Process Lasso Pro does not match URL
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falseHTTP Parser: No favicon
Source: https://m.stripe.network/inner.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falseHTTP Parser: No favicon
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9&sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65&version=6&preview=falseHTTP Parser: No favicon
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="author".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found
Source: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1HTTP Parser: No <meta name="copyright".. found

Compliance

barindex
EXE planting / hijacking vulnerabilities found
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\testlasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\CPUEater.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ThreadRacer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\TweakScheduler.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\vistammsc.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\InstallHelper.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessLasso.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\ProcessGovernor.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\Insights.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\LogViewer.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\plActivate.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\bitsumsessionagent.exeJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeEXE: C:\Users\user\Desktop\PostUpdate.exeJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeEXE: C:\Users\user\Desktop\QuickUpgrade.exeJump to behavior
Uses 32bit PE files
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
PE / OLE file has a valid certificate
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: certificate valid
Uses secure TLS version for HTTPS connections
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49910 version: TLS 1.2
Contains modern PE file flags such as dynamic base (ASLR) or NX
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Binary contains paths to debug symbols
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_polish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb source: LogViewer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000072C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\testlasso.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, testlasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdb source: PostUpdate.exe, 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe, 00000001.00000000.1652854987.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb$ source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdbi source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdbZ source: PostUpdate.exe, 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe, 00000001.00000000.1652854987.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdb source: Insights.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000726E000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb` source: CPUEater.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdbd source: Insights.exe.0.dr
Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdbJ source: LogViewer.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: c:\pl\output\ProcessLassoLauncher.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000070AC000.00000004.00000020.00020000.00000000.sdmp, ProcessLassoLauncher.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000072C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdbGCTL source: ProcessGovernor.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb source: bitsumsessionagent.exe, 00000002.00000002.2879821342.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000002.00000000.1663989043.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000003.00000002.1688973134.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000003.00000000.1680227560.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdb source: ProcessGovernor.exe.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdbS source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdb source: InstallHelper.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdbY source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000726E000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\plActivate.pdb source: plActivate.exe.0.dr
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServerJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\ElevationJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045BA94 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,0_2_0045BA94
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046D420 SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SetDlgItemTextW,SendDlgItemMessageW,FindFirstFileW,_swprintf,SetDlgItemTextW,FindClose,_swprintf,SetDlgItemTextW,SendDlgItemMessageW,_swprintf,SetDlgItemTextW,_swprintf,SetDlgItemTextW,0_2_0046D420
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B6A84 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,1_2_00007FF6472B6A84
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E2048 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,2_2_00007FF7E99E2048
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA21A0 DeleteFileW,DeleteFileW,RemoveDirectoryW,GetFileAttributesW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,FindFirstFileW,DeleteFileW,FindNextFileW,RemoveDirectoryW,GetFileAttributesW,4_2_00007FF7E6CA21A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA1C60 FindFirstFileW,GetFileAttributesW,FindNextFileW,_invalid_parameter_noinfo,4_2_00007FF7E6CA1C60
Source: Joe Sandbox ViewIP Address: 192.0.76.3 192.0.76.3
Source: Joe Sandbox ViewIP Address: 192.0.76.3 192.0.76.3
Source: Joe Sandbox ViewIP Address: 151.101.128.176 151.101.128.176
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC46F0 InternetOpenUrlW,InternetCloseHandle,InternetReadFile,InternetCloseHandle,InternetCloseHandle,4_2_00007FF7E6CC46F0
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A2tp3zbaFOOWXvO&MD=VZaYXHLT HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.12 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /v3/?ver=v3 HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.12 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/css/plugins.css?ver=20240503 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/style.css?ver=202306092 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /js/anchor-offset.js?ver=2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912395 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
Source: global trafficHTTP traffic detected: GET /v3/?ver=v3 HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "2692eab1e562bacee19ab5e8f3b0b448"If-Modified-Since: Sat, 04 May 2024 04:29:46 GMT
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912399 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /e-202418.js HTTP/1.1Host: stats.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.12 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20240503Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20240503Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bitsum.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=deleted
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
Source: global trafficHTTP traffic detected: GET /wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/jetpack/_inc/blocks/subscriptions/view.js?minify=false&ver=13.3.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3994&rand=0.20887544996126906 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/themes/meminz/js/custom.js?ver=20231102 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3994&rand=0.20887544996126906 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /inner.html HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js.stripe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912409 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912408.49.0.0
Source: global trafficHTTP traffic detected: GET /out-4.5.43.js HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://m.stripe.network/inner.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5645082368297181 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/favicon.png HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5645082368297181 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/favicon.png HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912417 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1943&rand=0.41106217824244795 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1943&rand=0.41106217824244795 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912426 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2309&rand=0.757336543097145 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2309&rand=0.757336543097145 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912432 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A2tp3zbaFOOWXvO&MD=VZaYXHLT HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3138&rand=0.2663419028316665 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3138&rand=0.2663419028316665 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912440 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3224&rand=0.7777739801533385 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3224&rand=0.7777739801533385 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912447 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1960&rand=0.9310427983388707 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1960&rand=0.9310427983388707 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912453 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912455.2.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.607764172633884 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.607764172633884 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
Source: global trafficHTTP traffic detected: GET /v3/?ver=v3 HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "2692eab1e562bacee19ab5e8f3b0b448"If-Modified-Since: Sat, 04 May 2024 04:29:46 GMT
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912462 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912469 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1784&rand=0.7880681605956541 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1784&rand=0.7880681605956541 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912475 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912483 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4119&rand=0.6201211102575397 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4119&rand=0.6201211102575397 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912491 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1888&rand=0.7260079474896437 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1888&rand=0.7260079474896437 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
Source: global trafficHTTP traffic detected: GET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
Source: global trafficHTTP traffic detected: GET /?custom-css=c8bee26073 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912497 HTTP/1.1Host: bitsum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1781&rand=0.6508001778069497 HTTP/1.1Host: pixel.wp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: bitsum.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912497.26.0.0
Source: global trafficHTTP traffic detected: GET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1781&rand=0.6508001778069497 HTTP/1.1Host: pixel.wp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
Source: chromecache_216.8.drString found in binary or memory: "https://www.facebook.com/StripeHQ", equals www.facebook.com (Facebook)
Source: chromecache_216.8.drString found in binary or memory: "https://www.linkedin.com/company/stripe/", equals www.linkedin.com (Linkedin)
Source: chromecache_195.8.drString found in binary or memory: return b}yC.K="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: bitsum.com
Source: global trafficDNS traffic detected: DNS query: js.stripe.com
Source: global trafficDNS traffic detected: DNS query: stats.wp.com
Source: global trafficDNS traffic detected: DNS query: v0.wordpress.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: analytics.google.com
Source: global trafficDNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: pixel.wp.com
Source: global trafficDNS traffic detected: DNS query: m.stripe.network
Source: global trafficDNS traffic detected: DNS query: m.stripe.com
Source: global trafficDNS traffic detected: DNS query: stripe.com
Source: unknownHTTP traffic detected: POST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=6799 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://bitsum.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://bitsum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: PostUpdate.exe.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: chromecache_254.8.drString found in binary or memory: http://daneden.me/animate
Source: chromecache_254.8.drString found in binary or memory: http://fontawesome.io
Source: chromecache_254.8.drString found in binary or memory: http://fontawesome.io/license
Source: chromecache_254.8.dr, chromecache_221.8.drString found in binary or memory: http://getbootstrap.com)
Source: chromecache_239.8.dr, chromecache_258.8.drString found in binary or memory: http://go.wpbakery.com/licensing
Source: chromecache_221.8.drString found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0A
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0C
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://ocsp.digicert.com0X
Source: chromecache_221.8.drString found in binary or memory: http://pupunzi.open-lab.com
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_221.8.drString found in binary or memory: http://www.gmarwaha.com/jquery/jcarousellite/
Source: chromecache_221.8.drString found in binary or memory: http://www.gnu.org/licenses/gpl.html
Source: chromecache_221.8.drString found in binary or memory: http://www.ianlunn.co.uk/
Source: chromecache_221.8.drString found in binary or memory: http://www.ianlunn.co.uk/plugins/jquery-parallax/
Source: chromecache_221.8.drString found in binary or memory: http://www.mattvarone.com/web-design/uitotop-jquery-plugin
Source: chromecache_221.8.drString found in binary or memory: http://www.no-margin-for-errors.com)
Source: chromecache_221.8.drString found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_221.8.drString found in binary or memory: http://www.owlgraphic.com/owlcarousel/
Source: pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://Bitsum.com
Source: ProcessLasso.exeString found in binary or memory: https://activate.bitsum.com/?
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr, plActivate.exe.0.drString found in binary or memory: https://activate.bitsum.com/?Process
Source: ProcessLasso.exeString found in binary or memory: https://activate.bitsum.com/check.php
Source: chromecache_195.8.drString found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_195.8.drString found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_216.8.drString found in binary or memory: https://assets.ctfassets.net
Source: chromecache_216.8.drString found in binary or memory: https://assets.ctfassets.net/fzn2n1nzq965/01hMKr6nEEGVfOuhsaMIXQ/c424849423b5f036a8892afa09ac38c7/fa
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/1a930247.woff2)
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AnimatedCodeEditor-86776e0635434fc49715.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AnimatedIcon-0b7478e1f9234aae8838.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/AtlasDashboardGraphic-042f01c5c5f7a5d7ca1a.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BackgroundGlobe-64953aedea5f231d07b7.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Bootstrapper-5KGKLV5W.js
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BrandModal-77aed9e8900fc44f1554.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/BrandModalGraphic-e9e1fc8f4c2bf8a9bd44.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CardField-739e285edeecea986ed0.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CaseStudyCard-60f3f5412530e6e993e8.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CheckoutFormGraphic-b2509d821651cbc82709.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditor-6eacb8e42c7465ddd557.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAsciiLoader-c1a350cb85f7a989f599.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorCursor-517911b19e66c94dafbb.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorLineNumbers-0eded1c84476ec649145.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeSyntax-e0768ef33503219c518d.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CodeTerminal-ca23848effb056969042.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CopyTitle-c641e014b3946628bc95.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCardBackground-853f685776c80eaa0089
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCardOverlay-09e527d11b6471566771.cs
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarousel-6ad3f0dce85838a77d8b.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavGroup-41fa77c08914b1b778
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b3
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5e
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/DevelopersCodeEditor-eadbd8bbcdedd8edbbe3.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/DomGraphic-5a317684eb2b9d1f76d2.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/EnterpriseCarouselAside-b05102a0b81de0c11406.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Flag-0530f6f8a0ae1e011860.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Form-401d42df82b6e8482f06.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Frontdoor-4513faa7ba2dd8949ee2.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingAnimation-fa25c03988d3d1f36a35.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphic-c9e3aeda05ab14a454b1.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphicLogo-2cee099c6b840fb58d86.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorBillingGraphicTier-4d3b73ee5f599b93aa50.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectAnimation-f4ce77b995975fa55335.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectFlowDiagram-bcf0320e44c152e1ca03.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnectFlowDiagramOrderNotification-b0f6b26d
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnection-192c60d5ff4ac27dec4f.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphic-ab42746a2bb65d850037.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphicImage-ff4d221174ca6cab4402.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorGraphicOutline-cbb29a27650befdb3913.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIcon-f22f360dadf72ca61a47.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-f5ddeb3e7d94044a9646.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconOutline-2c0929473dcd28db2e99.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIssuingAnimation-ba03e22ccfea12d68c6c.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIssuingCard-b80b51aa94acdc8a688e.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsGraphic-45fe2caceea82c749c40.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStandaloneAnimation-5aefb3912ae346b5293e.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Global-f1eeffae1de3242fcca9.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Globe-b2159f87180df559d2e8.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GradientLegend-f1cabc70fbf82f3e9c05.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicForm-7d75b8ba72e0304da82c.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormField-33f78921d62dc714d424.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInputGrid-281fa6a92c2e3caa14c9.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldList-5317148749a9268ec04d.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Icon-646136cd9e336d8c18d7.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/List-d4c6ad06c173a7dca2ed.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/LocaleControl-09ce62c550a15bb456e5.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/LowCodeNoCode-de32a3423ce25c839d82.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/MobileStickyNav-e95ca4c4af5266ca01f2.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/MobileStickyNavControl-1518a74559667e928374.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/PaymentLinksFeatureGraphic-6c9382201d4ede7c851a.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Picture-3f0067e6b392244c9bda.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductBadge-aa2497ab8abdcc6a3d34.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductFeatureCard-4476eb8c383446c052aa.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/RowLayout-9272a8ee72d3dac4a6ef.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/SiteFooterSection-1c0a8e1d30b69be4ef69.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/SiteFooterSectionSupportLinkList-US-bf39e598e6b8dad8c
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StartUp-889f28d89767c8a9d60f.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeProductUsed-448c2bc0913c408517f4.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeProductUsedList-4a8c16b5e5f3fa51247d.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/Track-2f2fce741fc3d8fc8450.css
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/ac6713d5.woff)
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2)
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/imt-38da0d78a50596ad541ad6654b46af9a.js
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/mkt-statics-srv/assets/store-936f0d847a16164e7f6b15d74659c4a9.html
Source: chromecache_216.8.drString found in binary or memory: https://b.stripecdn.com/stripethirdparty-srv/assets/
Source: pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com-sivusto.
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com-sivustolta.
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com.
Source: pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/1A
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.dr, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/3Current
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/4
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/4Version
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/7Aktuelle
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/9La
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/:La
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/=Wersja
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.drString found in binary or memory: https://bitsum.com/?prod=pl&update_error_sigError
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/apps/coredirector
Source: LogViewer.exe.0.drString found in binary or memory: https://bitsum.com/bad
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/changelog/pl/changes.htm#latest?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/changelog/pl/changes.htm#latest?inproduct(Virtuelle
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/changes/processlasso/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/check.phphttps://activate.bitsum.com/check.phpCHECK_OKUNSPECIFIEDstring
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/cpubalance/%dProBalanceProBalanceToday%s
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/docs/pl
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1&
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=16F8
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=17
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1CC
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1G
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1K
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1M
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1ay
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1d
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1h
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1r
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1s
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1y
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/-https://activate.bitsum.com/?Process
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/get-process-lasso-server-edition/https://activate.bitsum.com/?Process
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/keep-running-gaas-info
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/keep-running-gaas-infoGlobal
Source: ProcessGovernor.exe.0.drString found in binary or memory: https://bitsum.com/minidumps
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/minidumps/
Source: pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/minidumps/.
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000732C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000842B000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000085F9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000087E9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008257000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007A96000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007C7F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000076E1000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006BC2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007E76000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000078AA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006DB2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000751A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008067000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D9071000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B4551000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/parkcontrol/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/parkcontrol/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct0VIRHE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct6ERROR
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproduct:ERRORE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductCERREUR
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductFERRO
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductFERROR
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductH
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/pl_last_w2k.php?inproductIBA
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/portfolio/cpubalance/FThttps://bitsum.com/members/purchase-history/14.0.2.12
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatch
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatch;
Source: Insights.exe.0.drString found in binary or memory: https://bitsum.com/processlasso-docs/#processmatchhttps://activate.bitsum.com/check.phpCHECK_OKarbgc
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000732C000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000842B000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000085F9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000087E9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008257000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007A96000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007C7F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000076E1000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006BC2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007E76000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000078AA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006DB2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000751A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008067000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D9071000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B4551000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/
Source: pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct1Quedan
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct2Za
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct7H
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct7Process
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct8PozostaB
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct:Es
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct:Il
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct;There
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/?inproduct?
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/processlasso/Explorer-Process
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/purchase/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/processlasso/purchase/commercial/?inproduct1https://bitsum.com/processlasso/serve
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductO
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductT
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproducta
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductd
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductu
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproductw
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/prolasso_older_versions.php?inproduct~
Source: ProcessLasso.exeString found in binary or memory: https://bitsum.com/step1/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/step1/writetestFT%d%l%s
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/support.
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproduct
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproducte
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/support/?inproductf3uW03
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure#
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure$
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure5
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureG
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureH
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureN
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureS
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureU
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureV
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failureX
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.drString found in binary or memory: https://bitsum.com/support/index.php?renewal=14https://bitsum.com/support/index.php?general_failure_
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.drString found in binary or memory: https://bitsum.com/translate/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com/translate/-
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com/translate//
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://bitsum.com/translate/ERROR-
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.com/translate/F
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, QuickUpgrade.exe.1.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, InstallHelper.exe.0.dr, QuickUpgrade.exe.Replacement.0.dr, pl_rsrc_finnish.dll.0.dr, pl_rsrc_chinese_traditional.dll.0.dr, pl_rsrc_japanese.dll.0.dr, pl_rsrc_italian.dll.0.dr, pl_rsrc_spanish.dll.0.dr, CPUEater.exe.0.dr, Insights.exe.0.dr, pl_rsrc_russian.dll.0.dr, ProcessGovernor.exe.0.dr, pl_rsrc_polish.dll.0.dr, plActivate.exe.0.dr, pl_rsrc_french.dll.0.drString found in binary or memory: https://bitsum.com0/
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drString found in binary or memory: https://bitsum.com3
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://bitsum.com5
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.comD
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.drString found in binary or memory: https://bitsum.comLBitsumX
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.drString found in binary or memory: https://bitsum.comb
Source: chromecache_195.8.drString found in binary or memory: https://cct.google/taggy/agent.js
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drString found in binary or memory: https://cn.bitsum.com
Source: chromecache_216.8.drString found in binary or memory: https://dashboard.stripe.com/
Source: chromecache_216.8.drString found in binary or memory: https://dashboard.stripe.com/register
Source: chromecache_274.8.dr, chromecache_280.8.drString found in binary or memory: https://fontawesome.com
Source: chromecache_274.8.dr, chromecache_280.8.drString found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_255.8.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_221.8.drString found in binary or memory: https://github.com/ganeshmax/jcarousellite/blob/master/LICENSE)
Source: chromecache_221.8.drString found in binary or memory: https://github.com/imakewebthings/jquery-waypoints/blob/master/licenses.txt
Source: chromecache_221.8.drString found in binary or memory: https://github.com/kswedberg/jquery-smooth-scroll
Source: chromecache_221.8.drString found in binary or memory: https://github.com/kswedberg/jquery-smooth-scroll/blob/master/LICENSE-MIT)
Source: chromecache_221.8.drString found in binary or memory: https://github.com/morr/jquery.appear/
Source: chromecache_216.8.drString found in binary or memory: https://github.com/stripe-samples
Source: chromecache_221.8.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/1ctgMwd2p9euFW9pPSM7jR/451d5e987ca7fa14060526e6b1766a8b/bm
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/1lCtk48IB26AGgXdHsrLrt/ad2816d6a744d5249c19ba66be22b0a6/ch
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/2EOOpI2mMZgHYBlbO44zWV/5a6c5d37402652c80567ec942c733a43/fa
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/3AGidihOJl4nH9D1vDjM84/9540155d584be52fc54c443b6efa4ae6/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/4jq1Wguyus7CA7yc2kxMgn/cf7b01aadf305daef40ac8acab654510/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/4zeFefnpB8yh7U3qSQRktP/d583ee93dd3d8910fa27296748699a0f/bm
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5C5LvT3YZvRTGYn7uabXGj/7da8063dc77c67b7f66a1479f47409c8/bu
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5DaqGgXeMbxSIqQj9WSqSF/8142c0c6e15b27a8bb6c8a0f8a5d4dfb/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5F0uhf7cRg9vhR6NmgWzzI/664e14ddebb91375f89f8dcc75242dc0/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5epSdhifMhjZWOkOxK9xG8/05715737a672f2069c17903d2acae585/ty
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5hEVwGQfvUQhsMjfASiuA/db4e12749695dbf5735787879ae56e96/fla
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/5k7VeoAQQDK7032fIF6PEU/25f3670f5f4508103ee77afd92b7e074/ty
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/6c56LuWUxcACbVkv4fqszI/d0a88e48d11a88b97daf896246ac40da/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/6iLtU8qBUtE42tshpmZxY2/ac5b7b7a181524237b942e43620fceef/ch
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7C4ROeiaqUa0HwwBU9EL9l/205ad1141f35c449a79c7dae1811d9b7/at
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7jjWJlm9NHgLI7SV98B0Dg/ea1ae753f3764897fa4333311e41f496/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/7szA8TJHWKDIEuCbu6Yblm/4548db61648d063fb7e7dddfca04ab79/ho
Source: chromecache_216.8.drString found in binary or memory: https://images.ctfassets.net/fzn2n1nzq965/wEsTNDVgdEqaPAKkFdqnL/c69e1649432f1b772d86d81e423b7e3e/but
Source: chromecache_244.8.drString found in binary or memory: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Source: ProcessLasso.exeString found in binary or memory: https://lic.bitsum.com/versioninfo/processlasso/attribs.txt
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lic.bitsum.com/versioninfo/processlasso/attribs.txtLassoJ
Source: chromecache_257.8.drString found in binary or memory: https://m.stripe.network
Source: chromecache_216.8.drString found in binary or memory: https://marketplace.stripe.com/
Source: chromecache_195.8.drString found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_195.8.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_216.8.drString found in binary or memory: https://press.stripe.com/
Source: chromecache_216.8.drString found in binary or memory: https://q.stripe.com
Source: chromecache_216.8.drString found in binary or memory: https://sales-live-chat.stripe.com
Source: chromecache_216.8.drString found in binary or memory: https://sales-live-chat.stripe.com/render
Source: chromecache_216.8.drString found in binary or memory: https://schema.org
Source: chromecache_195.8.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_195.8.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_216.8.drString found in binary or memory: https://status.stripe.com/
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/#organization
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/ae
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/at
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/au
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/br
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/contact/sales
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/de
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/de-be
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/de-ch
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/de-li
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/de-lu
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/api
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/billing
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/connect
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/development
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/invoicing/hosted-invoice-page
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/libraries
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/no-code
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/no-code/payment-links
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/no-code/tap-to-pay
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/payments
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/payments/checkout
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/stripe-apps
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/terminal
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/upgrades#api-changelog
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/docs/upgrades#api-versions
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-at
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-be
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-bg
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-br
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-ca
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-ch
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-cy
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-cz
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-de
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-dk
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-ee
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-es
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-fi
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-fr
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-gi
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-gr
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-hk
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-hr
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-hu
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-it
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-jp
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-li
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-lt
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-lu
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-lv
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-mt
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-mx
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-my
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-nl
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-no
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-pl
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-pt
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-ro
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-se
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-sg
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-si
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-sk
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/en-th
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/es
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/es-us
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/fr
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/fr-be
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/fr-ca
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/fr-ch
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/fr-lu
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/gb
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/guides
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/ie
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/in
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/issuing
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/it
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/it-ch
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/it-hr
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/it-si
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/jp
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/mx
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/nl
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/nl-be
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/nz
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/pricing
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/privacy
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/pt-pt
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/radar
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/se
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/sigma
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/spc/licenses
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/sv-fi
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/th
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/us
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/use-cases/global-businesses
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/zh-hk
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/zh-my
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/zh-sg
Source: chromecache_216.8.drString found in binary or memory: https://stripe.com/zh-us
Source: chromecache_230.8.drString found in binary or memory: https://subscribe.wordpress.com
Source: chromecache_230.8.drString found in binary or memory: https://subscribe.wordpress.com/memberships/?
Source: chromecache_216.8.drString found in binary or memory: https://support.stripe.com/?referrerLocale=en-us
Source: chromecache_195.8.drString found in binary or memory: https://td.doubleclick.net
Source: chromecache_216.8.drString found in binary or memory: https://twitter.com/stripe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.drString found in binary or memory: https://update.bitsum.com/files/auto/64/beta/pl4sfx.exehttps://update.bitsum.com/files/auto/64/pl4sf
Source: ProcessLasso.exeString found in binary or memory: https://update.bitsum.com/userservices/versioninfo.php
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://update.bitsum.com/userservices/versioninfo.php&Platform=&Registered=&vnew=1?ProductName=&man
Source: chromecache_239.8.dr, chromecache_258.8.drString found in binary or memory: https://wpbakery.com)
Source: chromecache_195.8.drString found in binary or memory: https://www.google.com
Source: ProcessLasso.exeString found in binary or memory: https://www.google.com/search?q=%s
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drString found in binary or memory: https://www.google.com/search?q=%sopenProcess
Source: chromecache_195.8.drString found in binary or memory: https://www.googleadservices.com
Source: chromecache_195.8.drString found in binary or memory: https://www.googletagmanager.com
Source: chromecache_216.8.drString found in binary or memory: https://www.linkedin.com/company/stripe/
Source: chromecache_195.8.drString found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_216.8.drString found in binary or memory: https://youtube.com/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.4:49910 version: TLS 1.2
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729C270 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,1_2_00007FF64729C270
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729C270 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,1_2_00007FF64729C270
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB98E0 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,4_2_00007FF7E6CB98E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C62D20 GetKeyState,SetFocus,PostMessageW,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,PostMessageW,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,#413,4_2_00007FF7E6C62D20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C73E20 GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,4_2_00007FF7E6C73E20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C63AB3 GetKeyState,SetFocus,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,GetKeyState,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,GetKeyState,SendMessageW,#413,4_2_00007FF7E6C63AB3
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729C270 GetAsyncKeyState,IsWindow,GetWindowTextW,GetDlgItem,IsWindow,GetWindowTextW,GetWindow,IsWindow,GetClassNameW,GetWindowTextW,GetWindow,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,SetClipboardData,CloseClipboard,1_2_00007FF64729C270
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D21F0 CreateMutexW,WaitForSingleObject,CreateEventW,CreateEventW,LoadLibraryW,GetProcAddress,GetCurrentProcess,NtQueryInformationProcess,GetCurrentProcess,SetPriorityClass,LoadCursorW,RegisterClassExW,CreateWindowExW,MessageBoxW,GetMessageW,TranslateMessage,DispatchMessageW,GetMessageW,SetEvent,GetCurrentThreadId,SendMessageW,CloseHandle,ReleaseMutex,MessageBoxW,SetEvent,GetCurrentThreadId,FreeLibrary,CloseHandle,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,2_2_00007FF7E99D21F0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D1BC0 GetCurrentProcessId,ProcessIdToSessionId,GetForegroundWindow,GetWindowThreadProcessId,GetLastInputInfo,GetCurrentProcess,NtQueryInformationProcess,WaitForSingleObject,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,2_2_00007FF7E99D1BC0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00457AAF: __EH_prolog,_wcslen,_wcslen,CreateFileW,CloseHandle,CreateDirectoryW,CreateFileW,DeviceIoControl,CloseHandle,GetLastError,RemoveDirectoryW,DeleteFileW,0_2_00457AAF
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004592C60_2_004592C6
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00467DDC0_2_00467DDC
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004650110_2_00465011
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004682530_2_00468253
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004602F70_2_004602F7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004652820_2_00465282
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004762A80_2_004762A8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004613FD0_2_004613FD
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046742E0_2_0046742E
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004764D70_2_004764D7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004655B00_2_004655B0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0047E6000_2_0047E600
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004607A70_2_004607A7
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045D8330_2_0045D833
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004688AF0_2_004688AF
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045395A0_2_0045395A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00454A8E0_2_00454A8E
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0047EAAE0_2_0047EAAE
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00482BB40_2_00482BB4
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045FCCC0_2_0045FCCC
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00452EB60_2_00452EB6
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472769001_2_00007FF647276900
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472807A01_2_00007FF6472807A0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727D8201_2_00007FF64727D820
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728256A1_2_00007FF64728256A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472766001_2_00007FF647276600
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472984701_2_00007FF647298470
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472904D01_2_00007FF6472904D0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647290FD01_2_00007FF647290FD0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727EE601_2_00007FF64727EE60
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727AE401_2_00007FF64727AE40
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647297F301_2_00007FF647297F30
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727FF001_2_00007FF64727FF00
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647291D801_2_00007FF647291D80
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647297E101_2_00007FF647297E10
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647276BCA1_2_00007FF647276BCA
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727EAA01_2_00007FF64727EAA0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647298A001_2_00007FF647298A00
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B88881_2_00007FF6472B8888
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B39101_2_00007FF6472B3910
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729C6801_2_00007FF64729C680
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472AE5901_2_00007FF6472AE590
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472945801_2_00007FF647294580
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B34601_2_00007FF6472B3460
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B04B01_2_00007FF6472B04B0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728749D1_2_00007FF64728749D
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472955301_2_00007FF647295530
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729B4301_2_00007FF64729B430
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B632C1_2_00007FF6472B632C
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472AE0981_2_00007FF6472AE098
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B3F901_2_00007FF6472B3F90
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472A70001_2_00007FF6472A7000
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472A7E741_2_00007FF6472A7E74
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CE6B1_2_00007FF64728CE6B
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CE411_2_00007FF64728CE41
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CE9B1_2_00007FF64728CE9B
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CE831_2_00007FF64728CE83
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CEBB1_2_00007FF64728CEBB
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64728CEF81_2_00007FF64728CEF8
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647296DE01_2_00007FF647296DE0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647299E301_2_00007FF647299E30
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472A6E141_2_00007FF6472A6E14
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729CC601_2_00007FF64729CC60
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472A6C281_2_00007FF6472A6C28
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B6A841_2_00007FF6472B6A84
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B0AC41_2_00007FF6472B0AC4
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B29381_2_00007FF6472B2938
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D21F02_2_00007FF7E99D21F0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E49802_2_00007FF7E99E4980
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E04C82_2_00007FF7E99E04C8
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DBBC02_2_00007FF7E99DBBC0
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E0B482_2_00007FF7E99E0B48
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E93782_2_00007FF7E99E9378
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DBDAC2_2_00007FF7E99DBDAC
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DCE042_2_00007FF7E99DCE04
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E4E0C2_2_00007FF7E99E4E0C
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E20482_2_00007FF7E99E2048
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E00182_2_00007FF7E99E0018
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DF0602_2_00007FF7E99DF060
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DBF982_2_00007FF7E99DBF98
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C778E04_2_00007FF7E6C778E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C696204_2_00007FF7E6C69620
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5B3504_2_00007FF7E6C5B350
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C874504_2_00007FF7E6C87450
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6E0104_2_00007FF7E6C6E010
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C661004_2_00007FF7E6C66100
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6ED304_2_00007FF7E6C6ED30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5FB404_2_00007FF7E6C5FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BF9AA04_2_00007FF7E6BF9AA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C217E04_2_00007FF7E6C217E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C038004_2_00007FF7E6C03800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6E8004_2_00007FF7E6C6E800
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C187B04_2_00007FF7E6C187B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C517B04_2_00007FF7E6C517B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C177D04_2_00007FF7E6C177D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C8C7C84_2_00007FF7E6C8C7C8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C567D04_2_00007FF7E6C567D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C597604_2_00007FF7E6C59760
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D1D7684_2_00007FF7E6D1D768
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CCF7384_2_00007FF7E6CCF738
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C168E04_2_00007FF7E6C168E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4B8FC4_2_00007FF7E6C4B8FC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC49004_2_00007FF7E6CC4900
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C0E8A74_2_00007FF7E6C0E8A7
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4B89F4_2_00007FF7E6C4B89F
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D0E8584_2_00007FF7E6D0E858
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB18804_2_00007FF7E6CB1880
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFC8804_2_00007FF7E6CFC880
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C378304_2_00007FF7E6C37830
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C498304_2_00007FF7E6C49830
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6C8504_2_00007FF7E6C6C850
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D138304_2_00007FF7E6D13830
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4B8424_2_00007FF7E6C4B842
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C015A04_2_00007FF7E6C015A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C2E5B04_2_00007FF7E6C2E5B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB15D04_2_00007FF7E6CB15D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5C5D04_2_00007FF7E6C5C5D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C525D04_2_00007FF7E6C525D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C9D5C04_2_00007FF7E6C9D5C0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFF5604_2_00007FF7E6BFF560
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D0E5704_2_00007FF7E6D0E570
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D185484_2_00007FF7E6D18548
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D115204_2_00007FF7E6D11520
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC46F04_2_00007FF7E6CC46F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C2A7004_2_00007FF7E6C2A700
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C7E6D04_2_00007FF7E6C7E6D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFB6604_2_00007FF7E6BFB660
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4F6704_2_00007FF7E6C4F670
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D036584_2_00007FF7E6D03658
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BF36804_2_00007FF7E6BF3680
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C206804_2_00007FF7E6C20680
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C2E6804_2_00007FF7E6C2E680
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C974104_2_00007FF7E6C97410
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFB3B04_2_00007FF7E6BFB3B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C893C24_2_00007FF7E6C893C2
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C963704_2_00007FF7E6C96370
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D143604_2_00007FF7E6D14360
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5D3804_2_00007FF7E6C5D380
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D123344_2_00007FF7E6D12334
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C714F04_2_00007FF7E6C714F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC15104_2_00007FF7E6CC1510
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C774A04_2_00007FF7E6C774A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CDC45C4_2_00007FF7E6CDC45C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6E4904_2_00007FF7E6C6E490
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C0C4804_2_00007FF7E6C0C480
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C454304_2_00007FF7E6C45430
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C401F04_2_00007FF7E6C401F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C621F04_2_00007FF7E6C621F0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFD2104_2_00007FF7E6CFD210
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5C1CB4_2_00007FF7E6C5C1CB
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6B1904_2_00007FF7E6C6B190
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC01804_2_00007FF7E6CC0180
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D191404_2_00007FF7E6D19140
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBA1204_2_00007FF7E6CBA120
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB52E04_2_00007FF7E6CB52E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5E2654_2_00007FF7E6C5E265
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C042904_2_00007FF7E6C04290
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C0E2204_2_00007FF7E6C0E220
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48FEE4_2_00007FF7E6C48FEE
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C47FF04_2_00007FF7E6C47FF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CF0FDC4_2_00007FF7E6CF0FDC
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930004_2_00007FF7E6C93000
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4DFFF4_2_00007FF7E6C4DFFF
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C63FB04_2_00007FF7E6C63FB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C73FB04_2_00007FF7E6C73FB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48F994_2_00007FF7E6C48F99
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C1AFC04_2_00007FF7E6C1AFC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D0CF584_2_00007FF7E6D0CF58
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB3F8C4_2_00007FF7E6CB3F8C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBCF804_2_00007FF7E6CBCF80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C45F804_2_00007FF7E6C45F80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C46F504_2_00007FF7E6C46F50
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48F414_2_00007FF7E6C48F41
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFF0D84_2_00007FF7E6CFF0D8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4A1104_2_00007FF7E6C4A110
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C2A1004_2_00007FF7E6C2A100
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930B14_2_00007FF7E6C930B1
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFB0A04_2_00007FF7E6BFB0A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C3C0B04_2_00007FF7E6C3C0B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBD0A04_2_00007FF7E6CBD0A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C7E0D04_2_00007FF7E6C7E0D0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFE0B84_2_00007FF7E6CFE0B8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930584_2_00007FF7E6C93058
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D0905C4_2_00007FF7E6D0905C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930784_2_00007FF7E6C93078
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6C0804_2_00007FF7E6C6C080
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930284_2_00007FF7E6C93028
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFD0284_2_00007FF7E6CFD028
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C930404_2_00007FF7E6C93040
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBE0404_2_00007FF7E6CBE040
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48DE14_2_00007FF7E6C48DE1
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB0DC04_2_00007FF7E6CB0DC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBDD704_2_00007FF7E6CBDD70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C3DD704_2_00007FF7E6C3DD70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC1D604_2_00007FF7E6CC1D60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C41D604_2_00007FF7E6C41D60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48D894_2_00007FF7E6C48D89
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C50D904_2_00007FF7E6C50D90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA7D804_2_00007FF7E6CA7D80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C8FD814_2_00007FF7E6C8FD81
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48D314_2_00007FF7E6C48D31
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C76D304_2_00007FF7E6C76D30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFDD304_2_00007FF7E6BFDD30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C43D404_2_00007FF7E6C43D40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48EE94_2_00007FF7E6C48EE9
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C85EF04_2_00007FF7E6C85EF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C95EB04_2_00007FF7E6C95EB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D18EC44_2_00007FF7E6D18EC4
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C68EA04_2_00007FF7E6C68EA0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CBBE704_2_00007FF7E6CBBE70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C70E604_2_00007FF7E6C70E60
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB4E904_2_00007FF7E6CB4E90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C64E904_2_00007FF7E6C64E90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48E914_2_00007FF7E6C48E91
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C96E804_2_00007FF7E6C96E80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB1E804_2_00007FF7E6CB1E80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C01E904_2_00007FF7E6C01E90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C56E304_2_00007FF7E6C56E30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C7DE304_2_00007FF7E6C7DE30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48E394_2_00007FF7E6C48E39
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFCE3C4_2_00007FF7E6CFCE3C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BF4C004_2_00007FF7E6BF4C00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C48C104_2_00007FF7E6C48C10
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C22BD04_2_00007FF7E6C22BD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C26B704_2_00007FF7E6C26B70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C79B704_2_00007FF7E6C79B70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4BB274_2_00007FF7E6C4BB27
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C71B304_2_00007FF7E6C71B30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D03B504_2_00007FF7E6D03B50
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB9CF04_2_00007FF7E6CB9CF0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C04D004_2_00007FF7E6C04D00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D13CE04_2_00007FF7E6D13CE0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFED0C4_2_00007FF7E6CFED0C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4ACC34_2_00007FF7E6C4ACC3
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C79C904_2_00007FF7E6C79C90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB5C304_2_00007FF7E6CB5C30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C1BC304_2_00007FF7E6C1BC30
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFCC544_2_00007FF7E6CFCC54
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4BA134_2_00007FF7E6C4BA13
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C75A104_2_00007FF7E6C75A10
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CC0A004_2_00007FF7E6CC0A00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C449B04_2_00007FF7E6C449B0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4B9B64_2_00007FF7E6C4B9B6
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C549C04_2_00007FF7E6C549C0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4B9594_2_00007FF7E6C4B959
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C9C9904_2_00007FF7E6C9C990
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C239904_2_00007FF7E6C23990
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C799904_2_00007FF7E6C79990
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C6A9204_2_00007FF7E6C6A920
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CCC9504_2_00007FF7E6CCC950
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C3EB104_2_00007FF7E6C3EB10
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA7AB04_2_00007FF7E6CA7AB0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4BACD4_2_00007FF7E6C4BACD
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C72AD04_2_00007FF7E6C72AD0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CB2AC04_2_00007FF7E6CB2AC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D05A704_2_00007FF7E6D05A70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C4BA704_2_00007FF7E6C4BA70
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CFCA684_2_00007FF7E6CFCA68
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C40A904_2_00007FF7E6C40A90
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C97A804_2_00007FF7E6C97A80
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6BFCA304_2_00007FF7E6BFCA30
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: String function: 0046FEFC appears 42 times
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: String function: 004707A0 appears 31 times
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: String function: 0046FFD0 appears 56 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C86E30 appears 100 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6CF65D0 appears 51 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C9DE30 appears 220 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C7BE10 appears 38 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C7BC50 appears 45 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C65910 appears 46 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6CB67F0 appears 49 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6D06054 appears 35 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6C9E0B0 appears 110 times
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: String function: 00007FF7E6BF6070 appears 94 times
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: String function: 00007FF647292840 appears 126 times
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: String function: 00007FF6472923D0 appears 102 times
Source: pl_rsrc_bulgarian.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: x86 executable (TV) not stripped
Source: pl_rsrc_french.dll.0.drStatic PE information: Resource name: RT_STRING type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.115
Source: pl_rsrc_german.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
Source: pl_rsrc_italian.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_korean.dll.0.drStatic PE information: Resource name: RT_STRING type: COM executable for DOS
Source: pl_rsrc_russian.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
Source: pl_rsrc_slovenian.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX COFF pure executable, sections 78, created Sun Mar 29 05:32:17 1970, not stripped, version 110
Source: pl_rsrc_spanish.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
Source: pl_rsrc_korean.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_russian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_english.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_spanish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_french.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_chinese_traditional.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_german.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_polish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_japanese.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_italian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_slovenian.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_finnish.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_chinese.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_ptbr.dll.0.drStatic PE information: No import functions for PE file found
Source: pl_rsrc_bulgarian.dll.0.drStatic PE information: No import functions for PE file found
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprocesslassolauncher.exe< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenametestlasso.exe< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000070AC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprocesslasso.exe< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamethreadracer.exe8 vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamequickupgrade.exe< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000072C5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevistammsc.exep( vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepl_rsrc_english.dll< vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000726E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenametweaksch.exe> vs SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
Source: classification engineClassification label: sus31.evad.winEXE@120/207@42/16
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00457727 GetLastError,FormatMessageW,0_2_00457727
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5FB40 GetTickCount64,GetSystemInfo,GetVersionExW,MessageBoxW,SetUnhandledExceptionFilter,InitializeCriticalSection,InitializeCriticalSection,CreateEventW,CreateEventW,CoInitializeEx,CoInitializeSecurity,InitCommonControlsEx,#17,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,OpenEventW,SetEvent,CloseHandle,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,GetSystemInfo,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,CreateEventW,SetEvent,CloseHandle,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,LeaveCriticalSection,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,OpenProcess,Sleep,WaitForSingleObject,CloseHandle,FindWindowW,FindWindowW,PostMessageW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,ShellExecuteW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GdiplusStartup,CreateEventW,LoadLibraryW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SetProcessShutdownParameters,GetCommandLineW,CreateThread,WaitForSingleObject,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,MessageBoxW,ExitProcess,CreateThread,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,DialogBoxParamW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GetModuleHandleW,LoadAcceleratorsW,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,GetActiveProcessorCount,GetModuleHandleW,LoadIconW,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,ResetEvent,CreateThread,CreateThread,CreateThread,CreateThread,OpenMutexW,OpenMutexW,CloseHandle,Sleep,CreateThread,CreateThread,CreateThread,GetFileAttributesW,PostMessageW,GetMessageW,TranslateAcceleratorW,TranslateMessage,DispatchMessageW,GetMessageW,CloseHandle,CloseHandle,SetEvent,Shell_NotifyIconW,Sleep,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,GdiplusShutdown,DeleteCriticalSection,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DeleteCriticalSection,SetEvent,WaitForSingleObject,TerminateThread,RegCloseKey,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,4_2_00007FF7E6C5FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C68690 OpenProcess,SetProcessAffinityMask,CreateToolhelp32Snapshot,Thread32First,OpenThread,SetThreadGroupAffinity,CloseHandle,Thread32Next,CloseHandle,GetActiveProcessorGroupCount,GetModuleHandleW,GetProcAddress,OpenProcess,CloseHandle,SetProcessAffinityMask,CloseHandle,4_2_00007FF7E6C68690
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64727D820 CoInitializeEx,CoCreateInstance,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,VariantInit,VariantInit,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SysAllocString,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SysAllocString,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,MessageBoxW,MessageBoxW,CoUninitialize,SysAllocString,SysAllocString,MessageBoxW,_invalid_parameter_noinfo,SysAllocString,SysAllocString,SysAllocString,VariantInit,SysAllocString,VariantClear,VariantClear,VariantClear,MessageBoxW,CoUninitialize,CoUninitialize,_invalid_parameter_noinfo,1_2_00007FF64727D820
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046B6D2 FindResourceW,SizeofResource,LoadResource,LockResource,GlobalAlloc,GlobalLock,GdipCreateHBITMAPFromBitmap,GlobalUnlock,GlobalFree,0_2_0046B6D2
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647296FC0 OpenSCManagerW,OpenServiceW,QueryServiceStatus,StartServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,1_2_00007FF647296FC0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\__tmp_rar_sfx_access_check_4167031Jump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeMutant created: \Sessions\1\BaseNamedObjects\Local\{878ec006-8bb7-4487-a9d9-6ab726fdad61}
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCommand line argument: sfxname0_2_0046F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCommand line argument: sfxstime0_2_0046F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCommand line argument: p0I0_2_0046F05C
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCommand line argument: STARTDLG0_2_0046F05C
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile read: C:\Windows\win.iniJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: ProcessLasso.exeString found in binary or memory: /stopafter=
Source: ProcessLasso.exeString found in binary or memory: /stopafter=
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe"
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe"
Source: unknownProcess created: C:\Users\user\Desktop\bitsumsessionagent.exe C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
Source: unknownProcess created: C:\Users\user\Desktop\bitsumsessionagent.exe C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
Source: C:\Users\user\Desktop\PostUpdate.exeProcess created: C:\Users\user\Desktop\ProcessLasso.exe /postupdate
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2008,i,15519515346526546949,12768663373264760233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1984,i,5106367926550211044,9373728312157229491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 --field-trial-handle=1996,i,7114810720293782166,12932913640708286940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1984,i,2617033844371038707,2385638837885236536,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1948,i,16641894259137025231,17552674618342249670,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1984,i,18071265613074346824,7565659784721279921,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1952,i,13378929248748638004,16609101256085625740,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1992,i,3103486031131948529,12771731290429994548,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=2000,i,4281038644087026732,4404549652330960055,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1984,i,16754105667391397097,1628277584012059700,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1988,i,13307509518589281415,1496618762875588576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1984,i,10167203328593902513,15389311701757241189,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1724,i,14353911626792566164,9578348925622307936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1988,i,7229309035351989711,14618348612749984897,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe" Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeProcess created: C:\Users\user\Desktop\ProcessLasso.exe /postupdateJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2008,i,15519515346526546949,12768663373264760233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1984,i,5106367926550211044,9373728312157229491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 --field-trial-handle=1996,i,7114810720293782166,12932913640708286940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1984,i,2617033844371038707,2385638837885236536,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1948,i,16641894259137025231,17552674618342249670,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1724,i,14353911626792566164,9578348925622307936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1984,i,18071265613074346824,7565659784721279921,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1952,i,13378929248748638004,16609101256085625740,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1992,i,3103486031131948529,12771731290429994548,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=2000,i,4281038644087026732,4404549652330960055,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1984,i,16754105667391397097,1628277584012059700,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1988,i,13307509518589281415,1496618762875588576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1984,i,10167203328593902513,15389311701757241189,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1724,i,14353911626792566164,9578348925622307936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1988,i,7229309035351989711,14618348612749984897,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: <pi-ms-win-core-localization-l1-2-1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: dxgidebug.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: pl_rsrc_english.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: pdh.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: dbgcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: pl_rsrc_english.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: mlang.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeFile written: C:\Users\user\AppData\Local\ProcessLasso\config\prolasso.iniJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\Desktop\ProcessLasso.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Access\Capabilities\UrlAssociationsJump to behavior
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: certificate valid
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic file information: File size 2995928 > 1048576
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_korean.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_polish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_polish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb source: LogViewer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000072C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\testlasso.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, testlasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdb source: PostUpdate.exe, 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe, 00000001.00000000.1652854987.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb$ source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdbi source: InstallHelper.exe.0.dr
Source: Binary string: c:\pl\output\PostUpdate.pdbZ source: PostUpdate.exe, 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe, 00000001.00000000.1652854987.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmp, PostUpdate.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdb source: Insights.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000726E000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_german.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb` source: CPUEater.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\Insights.pdbd source: Insights.exe.0.dr
Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\LogViewer.pdbJ source: LogViewer.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_french.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.dr
Source: Binary string: c:\pl\output\ProcessLassoLauncher.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000070AC000.00000004.00000020.00020000.00000000.sdmp, ProcessLassoLauncher.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000072C5000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_bulgarian.dll.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdbGCTL source: ProcessGovernor.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb source: bitsumsessionagent.exe, 00000002.00000002.2879821342.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000002.00000000.1663989043.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000003.00000002.1688973134.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe, 00000003.00000000.1680227560.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmp, bitsumsessionagent.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_finnish.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_finnish.dll.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_italian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_italian.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.dr
Source: Binary string: c:\pl\output\CPUEater.pdb source: CPUEater.exe.0.dr
Source: Binary string: c:\pl\output\ProcessGovernor.pdb source: ProcessGovernor.exe.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdbS source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_russian.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_russian.dll.0.dr
Source: Binary string: c:\pl\output\InstallHelper.pdb source: InstallHelper.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_japanese.dll.0.dr
Source: Binary string: c:\pl\output\vistammsc.exe.pdbY source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000726E000.00000004.00000020.00020000.00000000.sdmp, vistammsc.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_spanish.dll.0.dr
Source: Binary string: c:\pl\output\ThreadRacer.exe.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007116000.00000004.00000020.00020000.00000000.sdmp, ThreadRacer.exe.0.dr
Source: Binary string: c:\pl\output\pl_rsrc_ptbr.pdbGCTL source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.dr
Source: Binary string: C:\dev\projs\ProcessSupervisor\output\plActivate.pdb source: plActivate.exe.0.dr
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472974D0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,1_2_00007FF6472974D0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\__tmp_rar_sfx_access_check_4167031Jump to behavior
Source: plActivate.exe.0.drStatic PE information: real checksum: 0x369a0 should be: 0x3699f
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeStatic PE information: section name: .didat
Source: ProcessLasso.exe.0.drStatic PE information: section name: _RDATA
Source: ProcessLassoLauncher.exe.0.drStatic PE information: section name: _RDATA
Source: testlasso.exe.0.drStatic PE information: section name: _RDATA
Source: ThreadRacer.exe.0.drStatic PE information: section name: _RDATA
Source: TweakScheduler.exe.0.drStatic PE information: section name: memcpy_
Source: TweakScheduler.exe.0.drStatic PE information: section name: _RDATA
Source: vistammsc.exe.0.drStatic PE information: section name: _RDATA
Source: bitsumsessionagent.exe.0.drStatic PE information: section name: _RDATA
Source: CPUEater.exe.0.drStatic PE information: section name: _RDATA
Source: Insights.exe.0.drStatic PE information: section name: _RDATA
Source: InstallHelper.exe.0.drStatic PE information: section name: _RDATA
Source: LogViewer.exe.0.drStatic PE information: section name: _RDATA
Source: plActivate.exe.0.drStatic PE information: section name: _RDATA
Source: PostUpdate.exe.0.drStatic PE information: section name: _RDATA
Source: ProcessGovernor.exe.0.drStatic PE information: section name: _RDATA
Source: QuickUpgrade.exe.Replacement.0.drStatic PE information: section name: _RDATA
Source: QuickUpgrade.exe.1.drStatic PE information: section name: _RDATA
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004707F0 push ecx; ret 0_2_00470803
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046FEFC push eax; ret 0_2_0046FF1A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472BBD8C push rax; ret 1_2_00007FF6472BBD8D
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C378C0 pushfq ; retf 4_2_00007FF7E6C37AFD
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C83B8A push rax; ret 4_2_00007FF7E6C83B8D
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\testlasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_slovenian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_italian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_english.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\CPUEater.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_ptbr.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\TweakScheduler.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\vistammsc.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\ProcessLasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\ProcessGovernor.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_japanese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\Insights.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\bitsumsessionagent.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\PostUpdate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_korean.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_bulgarian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\ThreadRacer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_french.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\InstallHelper.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_polish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\LogViewer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\plActivate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_russian.dllJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_chinese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_spanish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_finnish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\pl_rsrc_german.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeFile created: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF647296FC0 OpenSCManagerW,OpenServiceW,QueryServiceStatus,StartServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,1_2_00007FF647296FC0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5DEC0 IsWindowVisible,ShowWindow,IsIconic,ShowWindow,SendMessageW,ShowWindow,SetForegroundWindow,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,ShowWindow,4_2_00007FF7E6C5DEC0
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472974D0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,1_2_00007FF6472974D0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CCAA20 CreateToolhelp32Snapshot,Thread32First,GetCurrentProcessId,GetCurrentThreadId,OpenThread,SuspendThread,CloseHandle,Thread32Next,CloseHandle,4_2_00007FF7E6CCAA20
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: OpenSCManagerW,EnumServicesStatusExW,GetLastError,EnumServicesStatusExW,CloseServiceHandle,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,std::_Throw_Cpp_error,4_2_00007FF7E6CBBE70
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_slovenian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\testlasso.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_italian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\CPUEater.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_ptbr.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\TweakScheduler.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\vistammsc.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\QuickUpgrade.exe.ReplacementJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\ProcessGovernor.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_japanese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\Insights.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_korean.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_bulgarian.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\ThreadRacer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\ProcessLassoLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_french.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\InstallHelper.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_polish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\LogViewer.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\plActivate.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_russian.dllJump to dropped file
Source: C:\Users\user\Desktop\PostUpdate.exeDropped PE file which has not been started: C:\Users\user\Desktop\QuickUpgrade.exeJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_chinese.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_spanish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_finnish.dllJump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeDropped PE file which has not been started: C:\Users\user\Desktop\pl_rsrc_german.dllJump to dropped file
Source: C:\Users\user\Desktop\ProcessLasso.exeEvasive API call chain: GetSystemTimeAsFileTime,DecisionNodes
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI coverage: 2.7 %
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C15275 GetSystemTimeAsFileTime followed by cmp: cmp byte ptr [00007ff7e6d71c25h], 00000001h and CTI: jne 00007FF7E6C1591Dh4_2_00007FF7E6C15275
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045BA94 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,0_2_0045BA94
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046D420 SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SetDlgItemTextW,SendDlgItemMessageW,FindFirstFileW,_swprintf,SetDlgItemTextW,FindClose,_swprintf,SetDlgItemTextW,SendDlgItemMessageW,_swprintf,SetDlgItemTextW,_swprintf,SetDlgItemTextW,0_2_0046D420
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472B6A84 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,1_2_00007FF6472B6A84
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99E2048 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,2_2_00007FF7E99E2048
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA21A0 DeleteFileW,DeleteFileW,RemoveDirectoryW,GetFileAttributesW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,FindFirstFileW,DeleteFileW,FindNextFileW,RemoveDirectoryW,GetFileAttributesW,4_2_00007FF7E6CA21A0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CA1C60 FindFirstFileW,GetFileAttributesW,FindNextFileW,_invalid_parameter_noinfo,4_2_00007FF7E6CA1C60
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046F82F VirtualQuery,GetSystemInfo,0_2_0046F82F
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmwareuser.exeWa
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000002.1656846047.0000000002572000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmtoolsd.exe?a
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000002.1656846047.0000000002572000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vmware-vmx.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeAPI call chain: ExitProcess graph end nodegraph_0-25621
Source: C:\Users\user\Desktop\PostUpdate.exeAPI call chain: ExitProcess graph end nodegraph_1-32641
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI call chain: ExitProcess graph end node
Source: C:\Users\user\Desktop\ProcessLasso.exeAPI call chain: ExitProcess graph end node
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00470A0A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00470A0A
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729E5A8 InitializeCriticalSectionEx,GetLastError,IsDebuggerPresent,OutputDebugStringW,1_2_00007FF64729E5A8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CCAA20 CreateToolhelp32Snapshot,Thread32First,GetCurrentProcessId,GetCurrentThreadId,OpenThread,SuspendThread,CloseHandle,Thread32Next,CloseHandle,4_2_00007FF7E6CCAA20
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472974D0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,1_2_00007FF6472974D0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_004791B0 mov eax, dword ptr fs:[00000030h]0_2_004791B0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0047D1F0 GetProcessHeap,0_2_0047D1F0
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00470A0A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00470A0A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00470B9D SetUnhandledExceptionFilter,0_2_00470B9D
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00470D8A SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00470D8A
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00474FEF IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00474FEF
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729F670 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,1_2_00007FF64729F670
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF6472AA01C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,1_2_00007FF6472AA01C
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729FD00 SetUnhandledExceptionFilter,1_2_00007FF64729FD00
Source: C:\Users\user\Desktop\PostUpdate.exeCode function: 1_2_00007FF64729FB1C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,1_2_00007FF64729FB1C
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D4184 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FF7E99D4184
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D4368 SetUnhandledExceptionFilter,2_2_00007FF7E99D4368
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99D3E40 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_00007FF7E99D3E40
Source: C:\Users\user\Desktop\bitsumsessionagent.exeCode function: 2_2_00007FF7E99DDD18 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FF7E99DDD18
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C5FB40 GetTickCount64,GetSystemInfo,GetVersionExW,MessageBoxW,SetUnhandledExceptionFilter,InitializeCriticalSection,InitializeCriticalSection,CreateEventW,CreateEventW,CoInitializeEx,CoInitializeSecurity,InitCommonControlsEx,#17,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,OpenEventW,SetEvent,CloseHandle,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,RegCloseKey,GetSystemInfo,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,RegCreateKeyExW,RegSetValueExW,RegCloseKey,CreateEventW,SetEvent,CloseHandle,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,EnterCriticalSection,GetCurrentDirectoryW,LeaveCriticalSection,LeaveCriticalSection,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,OpenProcess,Sleep,WaitForSingleObject,CloseHandle,FindWindowW,FindWindowW,PostMessageW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,ShellExecuteW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GdiplusStartup,CreateEventW,LoadLibraryW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,MessageBoxW,SetProcessShutdownParameters,GetCommandLineW,CreateThread,WaitForSingleObject,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,DialogBoxParamW,MessageBoxW,ExitProcess,CreateThread,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,DialogBoxParamW,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,GetModuleHandleW,LoadAcceleratorsW,RegOpenKeyExW,RegQueryValueExW,RegCloseKey,GetActiveProcessorCount,GetModuleHandleW,LoadIconW,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,ResetEvent,CreateThread,CreateThread,CreateThread,CreateThread,OpenMutexW,OpenMutexW,CloseHandle,Sleep,CreateThread,CreateThread,CreateThread,GetFileAttributesW,PostMessageW,GetMessageW,TranslateAcceleratorW,TranslateMessage,DispatchMessageW,GetMessageW,CloseHandle,CloseHandle,SetEvent,Shell_NotifyIconW,Sleep,CreateEventW,SetEvent,WaitForSingleObject,TerminateThread,GdiplusShutdown,DeleteCriticalSection,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DeleteCriticalSection,SetEvent,WaitForSingleObject,TerminateThread,RegCloseKey,LoadStringW,LoadLibraryW,GetModuleHandleW,LoadStringW,4_2_00007FF7E6C5FB40
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6CF4E00 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,4_2_00007FF7E6CF4E00
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D00A98 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,4_2_00007FF7E6D00A98

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\Desktop\bitsumsessionagent.exeNtQueryInformationProcess: Indirect: 0x7FF7E99D1EA8Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeNtQuerySystemInformation: Indirect: 0x7FF7E6CC3E81Jump to behavior
Source: C:\Users\user\Desktop\bitsumsessionagent.exeNtQueryInformationProcess: Indirect: 0x7FF7E99D23A9Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C70BB0 GetModuleHandleW,GetModuleFileNameW,ShellExecuteExW,GetStartupInfoW,CreateProcessW,4_2_00007FF7E6C70BB0
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeProcess created: C:\Users\user\Desktop\PostUpdate.exe "C:\Users\user\Desktop\PostUpdate.exe" Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C168E0 InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateEventW,CreateEventW,CreateEventW,CreateEventW,InitializeCriticalSection,InitializeCriticalSection,InitializeCriticalSection,GetNumaHighestNodeNumber,QueryPerformanceFrequency,GetUserNameW,FindWindowW,InitCommonControlsEx,#17,CreateThread,4_2_00007FF7E6C168E0
Source: SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drBinary or memory string: tooltips_class32TweakScheduler v1.04System\CurrentControlSet\Control\PriorityControlWin32PrioritySeparationSeShutdownPrivilegehttps://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARE\%sInstallerLanguageLanguageSoftware\Bitsum%s\%s'''"""\,,Software\Microsoft\Windows\CurrentVersion\Run\processlasso.exe."%s" %d-%d%d;/%d/()allSYSTEM\CurrentControlSet\ServicesSYSTEM\CurrentControlSet\Services\DisplayNameImagePathObjectNameStartrunas"%s" "%s" "%s"SilentUpdate"%s"%s%sGlobal\TermSrvReadyEventTermServicesvchost.exe-k-Ksvchost.exe (%s)rundll32.exerundll32rundll32.exe (%s)%d:%02d:%02d.%03d"%s" %sCreateProcessWithTokenWadvapi32Progmanhttps\shell\open\command"%1"%1%s "%s"iexplore.exeprolasso.iniprosuper.iniprolasso.ini2ERROR: There was an error cleaning up the global path of Process Lasso's configuration file..portableservices.ex%s\ProcessLasso.exe%s\ProcessGovernor.exeSoftware\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted*systemlocal servicenetwork service\QuickUpgrade.exe.Replacement\ProcessLasso\pl4sfx.exe\pl4sfx_server.exe\pl_rsrc_temp.dll\pl_debug.logadvapi32.dllConvertStringSidToSidWS-1-16-1024GUIStartCoreStartParkControlInstalledprocesslasso.exeInstall_Dirprobalance.exeSoftware\CPUBalancecpubalance\probalance.exeprocessgovernor.exeprocess lasso%s\%s\%s
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_00470826 cpuid 0_2_00470826
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: GetLocaleInfoW,GetNumberFormatW,0_2_0046C093
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,4_2_00007FF7E6D156C8
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,GetUserDefaultLCID,ProcessCodePage,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,4_2_00007FF7E6D1D364
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoEx,4_2_00007FF7E6CF4504
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,4_2_00007FF7E6D1D188
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,4_2_00007FF7E6D1CD4C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: EnumSystemLocalesW,4_2_00007FF7E6D1CC7C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: GetLocaleInfoW,4_2_00007FF7E6D15C64
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: TranslateName,TranslateName,GetACP,IsValidCodePage,GetLocaleInfoW,4_2_00007FF7E6D1C930
Source: C:\Users\user\Desktop\PostUpdate.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\PostUpdate.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\ProcessLasso.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0046F05C GetCommandLineW,OpenFileMappingW,MapViewOfFile,UnmapViewOfFile,CloseHandle,GetModuleFileNameW,SetEnvironmentVariableW,GetLocalTime,_swprintf,SetEnvironmentVariableW,GetModuleHandleW,LoadIconW,DialogBoxParamW,Sleep,DeleteObject,DeleteObject,CloseHandle,0_2_0046F05C
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6C168E0 InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateEventW,CreateEventW,CreateEventW,CreateEventW,InitializeCriticalSection,InitializeCriticalSection,InitializeCriticalSection,GetNumaHighestNodeNumber,QueryPerformanceFrequency,GetUserNameW,FindWindowW,InitCommonControlsEx,#17,CreateThread,4_2_00007FF7E6C168E0
Source: C:\Users\user\Desktop\ProcessLasso.exeCode function: 4_2_00007FF7E6D19140 _get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,4_2_00007FF7E6D19140
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exeCode function: 0_2_0045C365 GetVersionExW,0_2_0045C365
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsgk32st.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cmdagent.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cfp.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: msmpeng.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avgcsrvx.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avkservice.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: mcshield.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: rtvscan.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsav32.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashwebsv.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsdfwd.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vsmon.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashserv.exe
Source: ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B2697000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashmaisv.exe

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Drive-by Compromise		2
Native API		1
DLL Side-Loading		1
Exploitation for Privilege Escalation		1
Deobfuscate/Decode Files or Information		11
Input Capture		12
System Time Discovery		Remote Services1
Archive Collected Data		2
Ingress Tool Transfer		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts3
Command and Scripting Interpreter		1
DLL Search Order Hijacking		1
Abuse Elevation Control Mechanism		1
Abuse Elevation Control Mechanism		LSASS Memory1
Account Discovery		Remote Desktop Protocol11
Input Capture		11
Encrypted Channel		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain Accounts1
Scheduled Task/Job		1
Windows Service		1
DLL Side-Loading		2
Obfuscated Files or Information		Security Account Manager1
System Service Discovery		SMB/Windows Admin Shares2
Clipboard Data		3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal Accounts2
Service Execution		1
Scheduled Task/Job		1
DLL Search Order Hijacking		1
Software Packing		NTDS3
File and Directory Discovery		Distributed Component Object ModelInput Capture4
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script1
Access Token Manipulation		1
DLL Side-Loading		LSA Secrets35
System Information Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
Windows Service		1
DLL Search Order Hijacking		Cached Domain Credentials51
Security Software Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items12
Process Injection		11
Masquerading		DCSync2
Process Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/Job1
Scheduled Task/Job		1
Access Token Manipulation		Proc Filesystem1
Application Window Discovery		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt12
Process Injection		/etc/passwd and /etc/shadow1
System Owner/User Discovery		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCronDynamic API ResolutionNetwork Sniffing1
Remote System Discovery		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1436481 Sample: SecuriteInfo.com.Trojan.Mul... Startdate: 05/05/2024 Architecture: WINDOWS Score: 31 8 SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe 37 2->8         started        11 bitsumsessionagent.exe 2->11         started        14 bitsumsessionagent.exe 2->14         started        file3 48 C:\Users\user\...\bitsumsessionagent.exe, PE32+ 8->48 dropped 50 C:\Users\user\Desktop\ProcessLasso.exe, PE32+ 8->50 dropped 52 C:\Users\user\Desktop\vistammsc.exe, PE32+ 8->52 dropped 54 27 other files (none is malicious) 8->54 dropped 16 PostUpdate.exe 21 53 8->16         started        68 Found direct / indirect Syscall (likely to bypass EDR) 11->68 signatures4 process5 file6 46 C:\Users\user\Desktop\QuickUpgrade.exe, PE32+ 16->46 dropped 19 ProcessLasso.exe 1 34 16->19         started        process7 signatures8 66 Found direct / indirect Syscall (likely to bypass EDR) 19->66 22 chrome.exe 1 19->22         started        25 chrome.exe 19->25         started        27 chrome.exe 19->27         started        29 12 other processes 19->29 process9 dnsIp10 56 192.168.2.4 unknown unknown 22->56 58 239.255.255.250 unknown Reserved 22->58 31 chrome.exe 22->31         started        34 chrome.exe 25->34         started        36 chrome.exe 27->36         started        38 chrome.exe 29->38         started        40 chrome.exe 29->40         started        42 chrome.exe 29->42         started        44 9 other processes 29->44 process11 dnsIp12 60 www.google.com 142.251.111.104 GOOGLEUS United States 31->60 62 stats.g.doubleclick.net 142.251.111.154 GOOGLEUS United States 31->62 64 17 other IPs or domains 31->64

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe5%ReversingLabs
SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe4%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Desktop\CPUEater.exe0%ReversingLabs
C:\Users\user\Desktop\CPUEater.exe0%VirustotalBrowse
C:\Users\user\Desktop\Insights.exe0%ReversingLabs
C:\Users\user\Desktop\Insights.exe0%VirustotalBrowse
C:\Users\user\Desktop\InstallHelper.exe0%ReversingLabs
C:\Users\user\Desktop\InstallHelper.exe0%VirustotalBrowse
C:\Users\user\Desktop\LogViewer.exe0%ReversingLabs
C:\Users\user\Desktop\LogViewer.exe0%VirustotalBrowse
C:\Users\user\Desktop\PostUpdate.exe0%ReversingLabs
C:\Users\user\Desktop\PostUpdate.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessGovernor.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessGovernor.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessLasso.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessLasso.exe0%VirustotalBrowse
C:\Users\user\Desktop\ProcessLassoLauncher.exe0%ReversingLabs
C:\Users\user\Desktop\ProcessLassoLauncher.exe0%VirustotalBrowse
C:\Users\user\Desktop\QuickUpgrade.exe0%ReversingLabs
C:\Users\user\Desktop\QuickUpgrade.exe0%VirustotalBrowse
C:\Users\user\Desktop\QuickUpgrade.exe.Replacement0%ReversingLabs
C:\Users\user\Desktop\QuickUpgrade.exe.Replacement0%VirustotalBrowse
C:\Users\user\Desktop\ThreadRacer.exe0%ReversingLabs
C:\Users\user\Desktop\ThreadRacer.exe0%VirustotalBrowse
C:\Users\user\Desktop\TweakScheduler.exe0%ReversingLabs
C:\Users\user\Desktop\TweakScheduler.exe0%VirustotalBrowse
C:\Users\user\Desktop\bitsumsessionagent.exe0%ReversingLabs
C:\Users\user\Desktop\bitsumsessionagent.exe0%VirustotalBrowse
C:\Users\user\Desktop\plActivate.exe0%ReversingLabs
C:\Users\user\Desktop\plActivate.exe0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_bulgarian.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_bulgarian.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_chinese.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_chinese.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_english.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_english.dll0%VirustotalBrowse
C:\Users\user\Desktop\pl_rsrc_finnish.dll0%ReversingLabs
C:\Users\user\Desktop\pl_rsrc_finnish.dll0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
stripecdn.map.fastly.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b30%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5e0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff20%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.css0%URL Reputationsafe
http://daneden.me/animate0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.css0%URL Reputationsafe
https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.css0%URL Reputationsafe
http://getbootstrap.com)0%Avira URL Cloudsafe
https://bitsum.com30%Avira URL Cloudsafe
https://bitsum.com.0%Avira URL Cloudsafe
https://bitsum.com50%Avira URL Cloudsafe
https://wpbakery.com)0%Avira URL Cloudsafe
http://www.ianlunn.co.uk/plugins/jquery-parallax/0%Avira URL Cloudsafe
http://www.no-margin-for-errors.com)0%Avira URL Cloudsafe
https://bitsum.com.0%VirustotalBrowse
http://www.ianlunn.co.uk/plugins/jquery-parallax/0%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
stats.wp.com
192.0.76.3
truefalse
    		high
    a.nel.cloudflare.com
    		35.190.80.1
    		truefalse
      		high
      stripecdn.map.fastly.net
      		151.101.128.176
      		truefalseunknown
      stats.g.doubleclick.net
      		142.251.111.154
      		truefalse
        		high
        bitsum.com
        		104.26.5.102
        		truefalse
          		high
          analytics-alv.google.com
          		216.239.38.181
          		truefalse
            		high
            pixel.wp.com
            		192.0.76.3
            		truefalse
              		high
              m.stripe.com
              		44.237.131.121
              		truefalse
                		high
                stripe.com
                		198.202.176.81
                		truefalse
                  		high
                  dexeqbeb7giwr.cloudfront.net
                  		18.238.49.4
                  		truefalse
                    		high
                    lb.wordpress.com
                    		192.0.78.12
                    		truefalse
                      		high
                      www.google.com
                      		142.251.111.104
                      		truefalse
                        		high
                        analytics.google.com
                        		142.251.16.113
                        		truefalse
                          		high
                          m.stripe.network
                          		unknown
                          		unknownfalse
                            		high
                            js.stripe.com
                            		unknown
                            		unknownfalse
                              		high
                              v0.wordpress.com
                              		unknown
                              		unknownfalse
                                		high

                                Contacted URLs

                                NameMaliciousAntivirus DetectionReputation
                                https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1535false
                                  		high
                                  https://bitsum.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0false
                                    		high
                                    https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912497244&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_et=370&tfd=1814false
                                      		high
                                      https://bitsum.com/wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1false
                                        		high
                                        https://m.stripe.network/inner.html#url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&title=Get%20Process%20Lasso%20Pro&referrer=&muid=NA&sid=NA&version=6&preview=falsefalse
                                          		high
                                          https://bitsum.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0false
                                            		high
                                            https://bitsum.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7false
                                              		high
                                              https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=7&tfd=11487false
                                                		high
                                                https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912497244&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1433false
                                                  		high
                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=6702false
                                                    		high
                                                    https://bitsum.com/wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0false
                                                      		high
                                                      https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_et=493&tfd=3036false
                                                        		high
                                                        https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=3034false
                                                          		high
                                                          https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=406&tfd=17495false
                                                            		high
                                                            https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263false
                                                              		high
                                                              https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2944false
                                                                		high
                                                                https://bitsum.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17false
                                                                  		high
                                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=9099false
                                                                    		high
                                                                    https://bitsum.com/wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3false
                                                                      		high
                                                                      https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366false
                                                                        		high
                                                                        https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=8277false
                                                                          		high
                                                                          https://bitsum.com/js/anchor-offset.js?ver=2false
                                                                            		high
                                                                            https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912490931&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=7111false
                                                                              		high
                                                                              https://bitsum.com/wp-content/themes/meminz/js/custom.js?ver=20231102false
                                                                                		high
                                                                                https://bitsum.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912409false
                                                                                  		high
                                                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=11391false
                                                                                    		high
                                                                                    https://bitsum.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912417false
                                                                                      		high
                                                                                      https://bitsum.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6false
                                                                                        		high
                                                                                        https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912408856&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=4&tfd=3207false
                                                                                          		high
                                                                                          https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6false
                                                                                            		high
                                                                                            https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281false
                                                                                              		high
                                                                                              https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912398937&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=8985false
                                                                                                		high
                                                                                                https://bitsum.com/wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912426false
                                                                                                  		high
                                                                                                  https://analytics.google.com/g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_et=202&tfd=3158false
                                                                                                    		high

                                                                                                    URLs from Memory and Binaries

                                                                                                    NameSourceMaliciousAntivirus DetectionReputation
                                                                                                    https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1&ProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26CE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorAutocomplete-dc62d89d9e2121e48baf.csschromecache_216.8.drfalse
                                                                                                      • URL Reputation: safe
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavItem-fd5a8f8fac232f661b3chromecache_216.8.drfalse
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/StripeSet-423109ad4bf57a2a011c.csschromecache_216.8.drfalse
                                                                                                      • URL Reputation: safe
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://bitsum.com/support.SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drfalse
                                                                                                        		high
                                                                                                        https://bitsum.com/%xtweakscheduler.exelassopecparkbitsumalaInstallerLanguageDWORDBitsumSOFTWARESecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000071D5000.00000004.00000020.00020000.00000000.sdmp, TweakScheduler.exe.0.drfalse
                                                                                                          		high
                                                                                                          https://b.stripecdn.com/mkt-statics-srv/assets/CodeEditorStatusBar-24c7c84123b2b6e4f091.csschromecache_216.8.drfalse
                                                                                                          • URL Reputation: safe
                                                                                                          		unknown
                                                                                                          http://www.opensource.org/licenses/mit-license.phpchromecache_221.8.drfalse
                                                                                                            		high
                                                                                                            https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorStickyAnimation-4ea4d6a5e9b414987337.csschromecache_216.8.drfalse
                                                                                                            • URL Reputation: safe
                                                                                                            		unknown
                                                                                                            https://activate.bitsum.com/?ProcessSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, QuickUpgrade.exe.1.dr, QuickUpgrade.exe.Replacement.0.dr, plActivate.exe.0.drfalse
                                                                                                              		high
                                                                                                              https://assets.ctfassets.net/fzn2n1nzq965/01hMKr6nEEGVfOuhsaMIXQ/c424849423b5f036a8892afa09ac38c7/fachromecache_216.8.drfalse
                                                                                                                		high
                                                                                                                https://bitsum.com5SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese.dll.0.drfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/Field-ea906aa31d4012757deb.csschromecache_216.8.drfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown
                                                                                                                https://wpbakery.com)chromecache_239.8.dr, chromecache_258.8.drfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		low
                                                                                                                https://stripe.com/iechromecache_216.8.drfalse
                                                                                                                  		high
                                                                                                                  http://getbootstrap.com)chromecache_254.8.dr, chromecache_221.8.drfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		low
                                                                                                                  https://bitsum.com/3CurrentSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.dr, pl_rsrc_japanese.dll.0.drfalse
                                                                                                                    		high
                                                                                                                    https://bitsum.com3SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_chinese_traditional.dll.0.drfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://b.stripecdn.com/mkt-statics-srv/assets/GraphicFormFieldInput-3d704dfad5ff81d0e80b.csschromecache_216.8.drfalse
                                                                                                                    • URL Reputation: safe
                                                                                                                    		unknown
                                                                                                                    https://bitsum.com/pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                      		high
                                                                                                                      https://bitsum.com.SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                      • 0%, Virustotal, Browse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/CustomersCaseStudyCarouselNavTrack-1380f9c2e275695c5echromecache_216.8.drfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/Stripe-b3679504f08482f96a0d.csschromecache_216.8.drfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://www.google.com/search?q=%sopenProcessSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                        		high
                                                                                                                        https://bitsum.com/keep-running-gaas-infoProcessLasso.exefalse
                                                                                                                          		high
                                                                                                                          https://stripe.com/docs/paymentschromecache_216.8.drfalse
                                                                                                                            		high
                                                                                                                            https://stripe.com/inchromecache_216.8.drfalse
                                                                                                                              		high
                                                                                                                              https://bitsum.com/step1/ProcessLasso.exefalse
                                                                                                                                		high
                                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/f965fdf4.woff2chromecache_216.8.drfalse
                                                                                                                                • URL Reputation: safe
                                                                                                                                		unknown
                                                                                                                                https://images.ctfassets.net/fzn2n1nzq965/5F0uhf7cRg9vhR6NmgWzzI/664e14ddebb91375f89f8dcc75242dc0/hochromecache_216.8.drfalse
                                                                                                                                  		high
                                                                                                                                  https://bitsum.com/minidumps/ProcessLasso.exefalse
                                                                                                                                    		high
                                                                                                                                    https://stripe.com/itchromecache_216.8.drfalse
                                                                                                                                      		high
                                                                                                                                      https://bitsum.compl_rsrc_german.dll.0.drfalse
                                                                                                                                        		high
                                                                                                                                        https://bitsum.com/processlasso-docs/#processmatchhttps://activate.bitsum.com/check.phpCHECK_OKarbgcInsights.exe.0.drfalse
                                                                                                                                          		high
                                                                                                                                          https://bitsum.com/processlasso/?inproduct;ThereSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_english.dll.0.drfalse
                                                                                                                                            		high
                                                                                                                                            https://images.ctfassets.netchromecache_216.8.drfalse
                                                                                                                                              		high
                                                                                                                                              https://bitsum.com/processlasso/purchase/commercial/?inproduct1https://bitsum.com/processlasso/serveSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000083A2000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007829000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.drfalse
                                                                                                                                                		high
                                                                                                                                                http://www.ianlunn.co.uk/plugins/jquery-parallax/chromecache_221.8.drfalse
                                                                                                                                                • 0%, Virustotal, Browse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                https://stripe.com/#organizationchromecache_216.8.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://bitsum.com/processlasso-docs/#processmatch;SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://stripe.com/jpchromecache_216.8.drfalse
                                                                                                                                                      		high
                                                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/GridLayout-0b90e779a89c0243e739.csschromecache_216.8.drfalse
                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                      		unknown
                                                                                                                                                      https://dashboard.stripe.com/chromecache_216.8.drfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.google.com/search?q=%sProcessLasso.exefalse
                                                                                                                                                          		high
                                                                                                                                                          https://bitsum.com/portfolio/cpubalance/FThttps://bitsum.com/members/purchase-history/14.0.2.12Insights.exe.0.drfalse
                                                                                                                                                            		high
                                                                                                                                                            https://b.stripecdn.com/mkt-statics-srv/assets/GlobalizationPicker-cb59e0de1d5c3aeaa184.csschromecache_216.8.drfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://bitsum.com/support/?inproductSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007B26000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006D11000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006E42000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007661000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000073BC000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007D10000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000007F06000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000079F7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.00000000081B6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008574000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000008748000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006B28000.00000004.00000020.00020000.00000000.sdmp, PostUpdate.exe, 00000001.00000002.1688555797.00000277D90FF000.00000002.00000001.01000000.0000000A.sdmp, ProcessLasso.exe, 00000004.00000002.2880201261.000002A8B45DF000.00000002.00000001.01000000.0000000A.sdmp, pl_rsrc_ptbr.dll.0.dr, pl_rsrc_korean.dll.0.dr, pl_rsrc_chinese.dll.0.dr, pl_rsrc_english.dll.0.dr, pl_rsrc_slovenian.dll.0.dr, pl_rsrc_finnish.dll.0.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://update.bitsum.com/userservices/versioninfo.php&Platform=&Registered=&vnew=1?ProductName=&manSecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp, ProcessLasso.exe, 00000004.00000000.1681252064.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe, 00000004.00000002.2882313735.00007FF7E6D2F000.00000002.00000001.01000000.0000000D.sdmp, ProcessLasso.exe.0.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://b.stripecdn.com/mkt-statics-srv/assets/HorizontalOverflowContainer-0b85e8f46a0db21a6ef9.csschromecache_216.8.drfalse
                                                                                                                                                                • URL Reputation: safe
                                                                                                                                                                		unknown
                                                                                                                                                                https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1CCProcessLasso.exe, 00000004.00000002.2879653332.000002A8B26DF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://www.no-margin-for-errors.com)chromecache_221.8.drfalse
                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                  		low
                                                                                                                                                                  https://stripe.com/sv-fichromecache_216.8.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://support.stripe.com/?referrerLocale=en-uschromecache_216.8.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSuiteAnimation-683958a93f82ca151ea7.csschromecache_216.8.drfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorSubanimation-b9163916332f2a67d464.csschromecache_216.8.drfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://bitsum.com/1ASecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, 00000000.00000003.1644350315.000000000887A000.00000004.00000020.00020000.00000000.sdmp, pl_rsrc_ptbr.dll.0.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://fontawesome.com/license/freechromecache_274.8.dr, chromecache_280.8.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://images.ctfassets.net/fzn2n1nzq965/6iLtU8qBUtE42tshpmZxY2/ac5b7b7a181524237b942e43620fceef/chchromecache_216.8.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://daneden.me/animatechromecache_254.8.drfalse
                                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://bitsum.com/get-process-lasso-server-edition/https://activate.bitsum.com/?ProcessInsights.exe.0.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://b.stripecdn.com/mkt-statics-srv/assets/ProductListing-3e17d7acee941b127dd1.csschromecache_216.8.drfalse
                                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                                              		unknown
                                                                                                                                                                              https://stripe.com/dechromecache_216.8.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://bitsum.com/processlasso/?inproductpl_rsrc_russian.dll.0.dr, pl_rsrc_polish.dll.0.dr, pl_rsrc_french.dll.0.dr, pl_rsrc_bulgarian.dll.0.dr, pl_rsrc_german.dll.0.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://stripe.com/docs/apichromecache_216.8.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-71bdbfda51a40294b593.csschromecache_216.8.drfalse
                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    https://bitsum.com/get-process-lasso-server-edition/ProcessLasso.exefalse
                                                                                                                                                                                      		high

                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                      Public IPs

                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                      18.238.49.4
                                                                                                                                                                                      		dexeqbeb7giwr.cloudfront.netUnited States
                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                      104.26.5.102
                                                                                                                                                                                      		bitsum.comUnited States
                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                      216.239.38.181
                                                                                                                                                                                      		analytics-alv.google.comUnited States
                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                      142.251.16.113
                                                                                                                                                                                      		analytics.google.comUnited States
                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                      142.251.111.104
                                                                                                                                                                                      		www.google.comUnited States
                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                      35.190.80.1
                                                                                                                                                                                      		a.nel.cloudflare.comUnited States
                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                      142.251.111.154
                                                                                                                                                                                      		stats.g.doubleclick.netUnited States
                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                      44.229.0.33
                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                      44.237.131.121
                                                                                                                                                                                      		m.stripe.comUnited States
                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                      192.0.76.3
                                                                                                                                                                                      		stats.wp.comUnited States
                                                                                                                                                                                      		2635AUTOMATTICUSfalse
                                                                                                                                                                                      44.240.201.86
                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                      151.101.128.176
                                                                                                                                                                                      		stripecdn.map.fastly.netUnited States
                                                                                                                                                                                      		54113FASTLYUSfalse
                                                                                                                                                                                      239.255.255.250
                                                                                                                                                                                      		unknownReserved
                                                                                                                                                                                      		unknownunknownfalse
                                                                                                                                                                                      198.202.176.81
                                                                                                                                                                                      		stripe.comUnited States
                                                                                                                                                                                      		22182AS22182USfalse
                                                                                                                                                                                      151.101.64.176
                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                      		54113FASTLYUSfalse

                                                                                                                                                                                      Private

                                                                                                                                                                                      IP
                                                                                                                                                                                      192.168.2.4

                                                                                                                                                                                      General Information

                                                                                                                                                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                      Analysis ID:1436481
                                                                                                                                                                                      Start date and time:2024-05-05 14:32:05 +02:00
                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                      Overall analysis duration:0h 8m 56s
                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                      Report type:full
                                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                      Number of analysed new started processes analysed:41
                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                      Technologies:
                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                                      Sample name:SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                      Detection:SUS
                                                                                                                                                                                      Classification:sus31.evad.winEXE@120/207@42/16
                                                                                                                                                                                      EGA Information:
                                                                                                                                                                                      • Successful, ratio: 100%
                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                      • Successful, ratio: 97%
                                                                                                                                                                                      • Number of executed functions: 185
                                                                                                                                                                                      • Number of non-executed functions: 151
                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                      • Found application associated with file extension: .exe

                                                                                                                                                                                      Warnings

                                                                                                                                                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 199.232.214.172, 192.229.211.108, 172.253.115.94, 172.253.115.100, 172.253.115.102, 172.253.115.113, 172.253.115.101, 172.253.115.138, 172.253.115.139, 64.233.180.84, 34.104.35.123, 142.251.163.97, 142.251.163.95, 142.251.167.94, 172.253.122.95, 64.233.180.95, 172.253.62.95, 172.253.115.95, 142.251.111.95, 142.251.16.95, 142.251.167.95, 142.250.31.95, 172.253.63.95, 142.251.16.94, 142.250.31.94, 142.251.111.100, 142.251.111.113, 142.251.111.102, 142.251.111.101, 142.251.111.138, 142.251.111.139
                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, www.googletagmanager.com, update.googleapis.com, clients.l.google.com
                                                                                                                                                                                      • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                      • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                                                      Simulations

                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                                      13:32:57Task SchedulerRun new task: Session agent for Process Lasso path: "C:\Users\user\Desktop\bitsumsessionagent.exe" s>----------------------------------------------------------------
                                                                                                                                                                                      14:32:58API Interceptor1x Sleep call for process: bitsumsessionagent.exe modified

                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                      IPs

                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                      44.229.0.33RFQ Webcor Construction MV23932.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                        18.238.49.4https://gladwinlindoor.goprospero.com/P4f321Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                          https://logrhythm.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                            44.237.131.121https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              https://www.ticketlike.fun/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                  https://trk.klclick.com/ls/click?upn=u001.Q-2FRM-2Bs26jJfGw5AtNrGvPFaa5lejHmUIi2s3XIXjS4SFS30aArOHMNQ1hGlzsseoKGVGu56u222BRg31GgNXTUmjenWxalU9lUaULzrBeV4-3DiQ2U_EMv3ibMoStDGptK1Lms5B9GNcIxUJoI7nZBoidcaOggmj5FAjQl0qnOmLtI1x1Ohc-2BFRm3llFgfvw4mcvsY2XyBfnm98SHSdVCZ86-2BuKsLA2HgCbBe-2FV6e4A4nHCyo1OMmln-2F0hRmIg8oOLoTHm3y82lNE3q8yukWTVI8YmWQK04Psc5e0o29a63gbehTN1s-2F3YcCHGyWre7JzE0che68CkQJREyvE-2BnznK1x1qH9lEOaeyErF7D5dkfqcesgeIRQ265un1YA7wdBLBYVVHj58YMhViz4q3Gib3lLtvWu3VynSmLfeCwmJkAHPTj9kIXGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                    192.0.76.3http://timelessbeautylessons.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&blog=186869850&post=0&tz=0&srv=timelessbeautylessons.com&j=1%3A13.0&host=timelessbeautylessons.com&ref=&fcp=937&rand=0.645624121504794
                                                                                                                                                                                                    http://enricolevatoblog.altervista.org/usare-antenna-bluetooth-esterna-con-smartphone-android/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&blog=114565633&post=440&tz=2&srv=enricolevatoblog.altervista.org&j=1%3A12.0&host=enricolevatoblog.altervista.org&ref=http%3A%2F%2Fenricolevatoblog.altervista.org%2Fusare-antenna-bluetooth-esterna-con-smartphone-android%2F&fcp=1788&rand=0.7989966127891737
                                                                                                                                                                                                    http://ban-mww.com/portfolio/ban/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189127104&post=0&tz=0&srv=ban-mww.com&host=ban-mww.com&ref=&fcp=2938&rand=0.9300317406887679
                                                                                                                                                                                                    http://turnsocial.comGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&j=1%3A7.1.3&blog=41183604&post=0&tz=-8&srv=blog.turnsocial.com&host=blog.turnsocial.com&ref=&fcp=3625&rand=0.05521970713170532
                                                                                                                                                                                                    http://jutheplumber.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=189499576&post=31&tz=0&srv=jutheplumber.com&host=jutheplumber.com&ref=&fcp=1600&rand=0.11354291871956579
                                                                                                                                                                                                    http://pitcrit.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                    • pixel.wp.com/g.gif?v=ext&j=1%3A5.3.2&blog=83440177&post=10415&tz=-4&srv=pitcrit.com&host=pitcrit.com&ref=&fcp=3794&rand=0.8765807685424083
                                                                                                                                                                                                    44.240.201.86RFQ Webcor Construction MV23932.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                      151.101.128.176https://preview.webflow.com/preview/87665784?utm_medium=preview_link&utm_source=designer&utm_content=87665784&preview=14c6c58eb6f79601a2f74a0af8d58b28&workflow=previewGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                        http://www.marinetradingpost.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                          https://mode.surfnet.ca/netro/recap.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                            http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                              https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                http://ranchpools.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                  https://kristie-mancell-s-school.teachable.com/p/centerforfamilylifeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                    https://hatdotgov.freewebhostmost.com/Get hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                      https://preview.webflow.com/preview/2024-project?utm_medium=preview_link&utm_source=designer&utm_content=2024-project&preview=2bf57169f6b59ecf9c01ab696f7c3560&workflow=previewGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                        https://sociallinks.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzb2NpYWxsaW5rcy5pbyUyRm9zaW50LXdlYmluYXJzJTJGd2ViaW5hci1lbmhhbmNpbmctYW1sLWludmVzdGlnYXRpb25zLXdpdGgtb3NpbnQlM0Z1dG1fc291cmNlJTNEZW1haWwlMjZ1dG1fbWVkaXVtJTNEd2ViaW5hciUyNnV0bV9jYW1wYWlnbiUzRGFtbF8wNF8yNA==&sig=bEXSTLMngghhoUjnhUiGrKrf6GsWGU1eAwJ54z8GbBH&iat=1712921684&a=%7C%7C612077526%7C%7C&account=sociallinks%2Eactivehosted%2Ecom&email=I4809riumLU7t4jf%2BoK9uHOsQeuYYw6CYkuCsQDv%3AFRtI69CZolNJDOUhiGMO%2BO9bqaecpEWw&s=f7847248dd0f6e35d5eb6514571a7081&i=993A1018A3A5488Get hashmaliciousUnknownBrowse

                                                                                                                                                                                                                          Domains

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          stats.wp.comhttp://checkyourvehicle.ca/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://corpsierramadre.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://www.corpsierramadre.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://plannexcg.com/plannex_tool_3/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://stake.libertariancounterpoint.com/+6N67YCBGYSfgUDfzZBWz4mBQM+X0RyGi80NjJ/FF4eJwViQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://ytw.aay.mybluehost.me/gre/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://www.hegemann-reiners.de/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://www.heritageconsultants.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://www.idofea.org/idea-std-1010-inspection-standardGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          stripecdn.map.fastly.netCopy of BARBOT CONSTRUCTION.xlsxGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                          • 151.101.0.176
                                                                                                                                                                                                                          https://preview.webflow.com/preview/87665784?utm_medium=preview_link&utm_source=designer&utm_content=87665784&preview=14c6c58eb6f79601a2f74a0af8d58b28&workflow=previewGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 151.101.128.176
                                                                                                                                                                                                                          http://www.marinetradingpost.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 151.101.192.176
                                                                                                                                                                                                                          https://app.flutterflow.io/share/integrity-ec71l7Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                          • 151.101.192.176
                                                                                                                                                                                                                          RFQ Webcor Construction MV23932.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 151.101.64.176
                                                                                                                                                                                                                          https://mode.surfnet.ca/netro/recap.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 151.101.0.176
                                                                                                                                                                                                                          https://mode.surfnet.ca/netro/recap.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 151.101.128.176
                                                                                                                                                                                                                          http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 151.101.0.176
                                                                                                                                                                                                                          http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 151.101.0.176
                                                                                                                                                                                                                          https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 151.101.64.176
                                                                                                                                                                                                                          pixel.wp.comhttp://checkyourvehicle.ca/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://corpsierramadre.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://www.corpsierramadre.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://plannexcg.com/plannex_tool_3/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://stake.libertariancounterpoint.com/+6N67YCBGYSfgUDfzZBWz4mBQM+X0RyGi80NjJ/FF4eJwViQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://divbracket.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://ytw.aay.mybluehost.me/gre/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://www.hegemann-reiners.de/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          http://www.heritageconsultants.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://www.idofea.org/idea-std-1010-inspection-standardGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          m.stripe.comCopy of BARBOT CONSTRUCTION.xlsxGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                          • 54.218.161.232
                                                                                                                                                                                                                          https://preview.webflow.com/preview/87665784?utm_medium=preview_link&utm_source=designer&utm_content=87665784&preview=14c6c58eb6f79601a2f74a0af8d58b28&workflow=previewGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 52.33.51.5
                                                                                                                                                                                                                          http://www.marinetradingpost.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 52.33.51.5
                                                                                                                                                                                                                          https://app.flutterflow.io/share/integrity-ec71l7Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                          • 54.218.161.232
                                                                                                                                                                                                                          RFQ Webcor Construction MV23932.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 44.229.0.33
                                                                                                                                                                                                                          http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 44.237.125.219
                                                                                                                                                                                                                          http://cleverchoice.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 44.237.49.162
                                                                                                                                                                                                                          https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 44.237.49.162
                                                                                                                                                                                                                          https://lithiuimvalley.com/ssdGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                          • 54.213.45.60
                                                                                                                                                                                                                          https://www.ticketlike.fun/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 44.237.131.121

                                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          AMAZON-02USJQf0ehYRnW.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 18.136.8.182
                                                                                                                                                                                                                          v6KtBJBvIM.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.224.91.140
                                                                                                                                                                                                                          IQU2qqn8AZ.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.113.240.116
                                                                                                                                                                                                                          JCS9ADM3XR.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wlFJIK0tXZ.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          77a9MuTMle.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          AzlcQuUN0k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wQT6LP2bum.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.243.160.129
                                                                                                                                                                                                                          9zU9mg84VT.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          YUBMrkJZQS.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.254.182.186
                                                                                                                                                                                                                          AMAZON-02USJQf0ehYRnW.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 18.136.8.182
                                                                                                                                                                                                                          v6KtBJBvIM.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.224.91.140
                                                                                                                                                                                                                          IQU2qqn8AZ.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.113.240.116
                                                                                                                                                                                                                          JCS9ADM3XR.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wlFJIK0tXZ.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          77a9MuTMle.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          AzlcQuUN0k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wQT6LP2bum.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.243.160.129
                                                                                                                                                                                                                          9zU9mg84VT.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          YUBMrkJZQS.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.254.182.186
                                                                                                                                                                                                                          CLOUDFLARENETUSR3vjRWX78A.exeGet hashmaliciousMofongoLoaderBrowse
                                                                                                                                                                                                                          • 104.21.30.238
                                                                                                                                                                                                                          Hy424UHYHW.exeGet hashmaliciousMofongoLoaderBrowse
                                                                                                                                                                                                                          • 172.67.174.47
                                                                                                                                                                                                                          hhuMIEqMI4.exeGet hashmaliciousMofongoLoaderBrowse
                                                                                                                                                                                                                          • 104.21.30.238
                                                                                                                                                                                                                          6K9cOetNqp.exeGet hashmaliciousMofongoLoaderBrowse
                                                                                                                                                                                                                          • 104.21.30.238
                                                                                                                                                                                                                          hoe3lPtxUv.exeGet hashmaliciousMofongoLoaderBrowse
                                                                                                                                                                                                                          • 104.21.30.238
                                                                                                                                                                                                                          SecuriteInfo.com.Win32.Malware-gen.14907.28959.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 172.67.217.200
                                                                                                                                                                                                                          SecuriteInfo.com.Win32.Malware-gen.14907.28959.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                          Chlorine 2.0.exeGet hashmaliciousBabadedaBrowse
                                                                                                                                                                                                                          • 104.16.184.241
                                                                                                                                                                                                                          Chlorine 2.0-clean.exeGet hashmaliciousBabadedaBrowse
                                                                                                                                                                                                                          • 104.16.184.241
                                                                                                                                                                                                                          BetterShaders Setup 1.0.4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 162.159.61.3
                                                                                                                                                                                                                          AUTOMATTICUShttps://securepdffilesaccess%E3%80%82com/docx/#9403ZGF2ZW1AY3BlcXVpdHkuY29t??nEJx==78463=/..=L5QpUY&u=276b8dda4ef94158348d5b6b8&id=6b7205781d#&vg=008d8185-7421-4d39-a8ea-d6571496b99e&stid=14&pti=1&pa=20041&pos=0&p=525094&channelId=21280b5d95ea9121&s=lsfbx0rnvkkgxzgo1sbi4b3z&sgs=2004:15-17+F-150Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 192.0.78.27
                                                                                                                                                                                                                          https://www.bjvpza.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          https://www.uhnrya.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          https://www.bjvpza.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          http://checkyourvehicle.ca/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.76.3
                                                                                                                                                                                                                          https://www.uhnrya.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          https://www.sqrhpva.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          https://eu2.contabostorage.com/623730bdf84d4c8c8cca3738d92e65c2:sco/hunj.html#elections@edmonton.caGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 192.0.78.220
                                                                                                                                                                                                                          https://www.bjvpza.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          https://www.soqsrkk.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 192.0.73.2
                                                                                                                                                                                                                          AMAZON-02USJQf0ehYRnW.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 18.136.8.182
                                                                                                                                                                                                                          v6KtBJBvIM.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.224.91.140
                                                                                                                                                                                                                          IQU2qqn8AZ.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 13.113.240.116
                                                                                                                                                                                                                          JCS9ADM3XR.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wlFJIK0tXZ.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          77a9MuTMle.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          AzlcQuUN0k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          wQT6LP2bum.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.243.160.129
                                                                                                                                                                                                                          9zU9mg84VT.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 34.249.145.219
                                                                                                                                                                                                                          YUBMrkJZQS.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                          • 34.254.182.186

                                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          28a2c9bd18a11de089ef85a160da29e4SecuriteInfo.com.Win32.Malware-gen.14907.28959.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          Chlorine 2.0-clean.exeGet hashmaliciousBabadedaBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          BetterShaders Setup 1.0.4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          64.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://t.co/Mpe5s9WXkWGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://d.artisancellars.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://hentaireadgetxdecoms.z13.web.core.windows.net/index.htmlGet hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://rossanarossi.pe/amsoooo/index/openid.pape.max.loader.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://bafybeid7pbxezzjeaf2tgcqsje7rqxvvbo3wccjd5yxwgro24ikbnfusky.ipfs.cf-ipfs.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157
                                                                                                                                                                                                                          https://bafybeibgaxm3zgmtr2uhoagte7zccw6aaw33u7bofrv57njnw6wh4vtcra.ipfs.cf-ipfs.com/informations.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                          • 23.221.242.90
                                                                                                                                                                                                                          • 40.68.123.157

                                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                          C:\Users\user\AppData\Local\ProcessLasso\config\prolasso.ini

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):8406
                                                                                                                                                                                                                          Entropy (8bit):3.5212221023381662
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:lCU8hjD6xebh7raMm3am1ZHWYFgCZiONkM666LYsaE9xum:l18hjD7t72Ham1ZHWYFgKiONkM666LY+
                                                                                                                                                                                                                          MD5:AF04BA78239D3A58D532FCE3F4FE16E4
                                                                                                                                                                                                                          SHA1:71CB4297EBA3809C8018D561C3D499A2FB8FE1D0
                                                                                                                                                                                                                          SHA-256:2F1F03A8528FCB824F06CC1066B299BB12A89E69333E63032B3BCB9A41234A4A
                                                                                                                                                                                                                          SHA-512:11E0637522A5A48A4DF0FABB3272904266BEDC768C161358330F39C15A457F388182A7F3BA8CC7B463CD2FAEE13AA7150A631035A33A217B151AB448201DFA8A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:..[.A.d.m.i.n.i.s.t.r.a.t.i.o.n.].....V.e.r.s.i.o.n.=.5.9.9.0.4.0.0.....C.o.n.f.i.g.P.a.s.s.w.o.r.d.M.D.5.=.....[.O.u.t.O.f.C.o.n.t.r.o.l.P.r.o.c.e.s.s.R.e.s.t.r.a.i.n.t.].....O.o.c.O.n.=.t.r.u.e.....E.x.c.l.u.d.e.C.h.i.l.d.r.e.n.O.f.F.o.r.e.g.r.o.u.n.d.=.t.r.u.e.....D.i.s.a.b.l.e.P.r.o.B.a.l.a.n.c.e.W.h.e.n.S.y.s.I.d.l.e.=.f.a.l.s.e.....P.r.o.B.a.l.a.n.c.e.D.r.o.p.O.n.e.R.a.n.d.o.m.C.o.r.e.=.f.a.l.s.e.....D.o.N.o.t.A.d.j.u.s.t.A.f.f.i.n.i.t.y.I.f.C.u.s.t.o.m.i.z.e.d.=.t.r.u.e.....O.o.c.D.i.s.a.b.l.e.C.o.r.e.P.a.r.k.i.n.g.W.h.i.l.e.I.n.=.f.a.l.s.e.....U.s.e.E.f.f.i.c.i.e.n.c.y.M.o.d.e.=.f.a.l.s.e.....D.i.s.a.b.l.e.P.r.o.B.a.l.a.n.c.e.I.f.S.y.s.I.d.l.e.T.h.i.s.M.a.n.y.M.S.=.3.0.0.0.0.....T.o.t.a.l.P.r.o.c.e.s.s.o.r.U.s.a.g.e.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.4.5.....P.e.r.P.r.o.c.e.s.s.U.s.a.g.e.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.3.2.....T.i.m.e.O.v.e.r.Q.u.o.t.a.B.e.f.o.r.e.R.e.s.t.r.a.i.n.t.=.9.0.0.....P.e.r.P.r.o.c.e.s.s.U.s.a.g.e.F.o.r.R.e.s.t.o.r.e.=.7.....P.l.a.y.O.n.R.e.s.t.r.a.i.n.t.

                                                                                                                                                                                                                          C:\Users\user\Desktop\CPUEater.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):502672
                                                                                                                                                                                                                          Entropy (8bit):6.330670069831537
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:J+O9eBwatpqIx8xUbjqc44pWWXwAdfNNGvsXIw/0WKpr85B7VXShbIe:JUBwSTsw+c44p/XwAVNYrw/0Z85pOUe
                                                                                                                                                                                                                          MD5:109AE453E36762DBB02A65B7AFA15A99
                                                                                                                                                                                                                          SHA1:87EAEC9250C45B161D87159181A701F1B4A94655
                                                                                                                                                                                                                          SHA-256:705A80B1B0918DC7FB3CBA67215C5B17F3FF72D2B514D78FF3BAEEA775062C9B
                                                                                                                                                                                                                          SHA-512:A4F813C433CD403207802CD624DCF2026D67DD21B2E127E7CAE06F9173514F5FF9A0CB92CCD4D1272AB71637A1E512379B2605B9008E112C07E72D85513199DF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........H![.&r[.&r[.&r..%s^.&r..#s..&r[.&rZ.&r]'"sI.&r]'%sI.&r]'#s..&r.."sJ.&r.. sY.&r..'s@.&r[.'r*.&r1'/st.&r1'.rZ.&r[..rZ.&r1'$sZ.&rRich[.&r........................PE..d......f.........."....&.....(.................@.............................0......~P....`.............................................................P!.......+.......)... ......@...p.......................(.......@...............p............................text............................... ..`.rdata...Q.......R..................@..@.data....z...0......................@....pdata...+.......,...(..............@..@_RDATA...............T..............@..@.rsrc...P!......."...V..............@..@.reloc....... .......x..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\Insights.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):776592
                                                                                                                                                                                                                          Entropy (8bit):6.398446463017727
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:d4QtYeRExbf04JcotEtkonQcTo03P4Z22++ZrH3f4kpKGab:htRQbf9Jcoty5nQ2+ZrXfVab
                                                                                                                                                                                                                          MD5:99E13427A89925150E8043266216616D
                                                                                                                                                                                                                          SHA1:48B3630A5285A1E51180E6CBE1B29158FFDCA7A0
                                                                                                                                                                                                                          SHA-256:DE48B71B6D5ACBD84B76D01683A9A1620A1A741E10E0C8EE358292B591CF3DF6
                                                                                                                                                                                                                          SHA-512:6CB40044D94E357CAC81755104311A730A8447955B5B959AEC97481A66C1A8BA5220EC2E6F2F42FE844D885BD9D839A6B8669AADBBFEFDBBB5F894F698B75CC1
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......:K.#~*.p~*.p~*.p.X.q{*.p.X.q.*.p~*.p.*.px..ql*.px..ql*.px..q#*.p.X.qo*.p.X.q|*.p.X.qe*.p~*.p.+.p...qL*.p..lp.*.p~*.p.*.p...q.*.pRich~*.p........................PE..d...s..f.........."....&............L..........@.............................p.......T....`....................................................................T3.......)...`.......%..p....................(..(....$..@............0...............................text............................... ..`.rdata.......0......................@..@.data...\........D..................@....pdata..T3.......4..................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc.......`......................@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\InstallHelper.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):786328
                                                                                                                                                                                                                          Entropy (8bit):6.375671924030332
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:ZhZ2UISswj1rTQsv5VLVhm2Gc/GBdkuUi7/vcmGFR9LdKGB:XZtnH1rTQ8VLRuUiL61L/B
                                                                                                                                                                                                                          MD5:43EDDBE32509B144B72CAD5FC105E681
                                                                                                                                                                                                                          SHA1:40D943C9F90FE69E4B0433E7D07C412B1BD95ED6
                                                                                                                                                                                                                          SHA-256:E5F31F563A9F3351D3F3C87C80D36B36B8EA1E7A3BAEE7F290257139B45FF84D
                                                                                                                                                                                                                          SHA-512:C93C7528DE8E8229371AB0C521CF0B03B6D5C45C8373280B2421572305A95F4FB7D48BC80EA2324712F5A1A07937B8DAC0FCB6FBB762536A7BA9847FCDEE97FF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........u..&..&..&...'..&...'y.&..&..&.[.'..&.[.'..&.[.'..&...'..&...'..&...'..&..&..&.[.'..&.[m&..&...&..&.[.'..&Rich..&........PE..d......f..........#....&.&...$.................@....................................#..... .............................................................x........3.......)...........[..p....................^..(....Z..@............@...............................text....%.......&.................. ..`.rdata.......@.......*..............@..@.data...L........D..................@....pdata...3.......4..................@..@_RDATA...............J..............@..@.rsrc...x............L..............@..@................................................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\LogViewer.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):883088
                                                                                                                                                                                                                          Entropy (8bit):5.649249075653694
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:gUgTC0XQLyOD7Ejw0t7pIHIFnAex1UxD7xao+NWg2yOCH:oES6D7xa3oynH
                                                                                                                                                                                                                          MD5:BBA7F094B3BA2814ABF4B5325E080963
                                                                                                                                                                                                                          SHA1:917F014749C484313A5C4E5A1C7A60A9371D800D
                                                                                                                                                                                                                          SHA-256:94F0C6DF1F20BCCCCA0083E4506E619D02FB306D4ABB52C360F0EB420A303320
                                                                                                                                                                                                                          SHA-512:BE89DCF7D4DCB1DE910248693AFFD1A6AA715A8337C517563A1D34E02664D4525E33A7EAB86E29648A3004F091CB74E89A50A04AC108FBF1A244CB1855DA6F65
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............@...@...@i.A...@i.A...@i.A...@...@...@...A...@...A...@...A..@i.A...@i.A...@...@...@...A...@..J@...@.."@...@...A...@Rich...@................PE..d......f.........."....&.............e.........@..........................................`............................................................x4... ...H...P...)..............p.......................(.......@............................................text............................... ..`.rdata..(...........................@..@.data...tP.......$..................@....pdata...H... ...J..................@..@_RDATA.......p......................@..@.rsrc...x4.......6..................@..@.reloc...............@..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\PostUpdate.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):683408
                                                                                                                                                                                                                          Entropy (8bit):6.423790457820017
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:cy87BJi1HL2+gALAvei7tpbn8rbZXBo8KGMe:cxSHL2+0tpL8RXB7Me
                                                                                                                                                                                                                          MD5:2D51866F9D1AA7FA9619EE68068D89F2
                                                                                                                                                                                                                          SHA1:D16658F130F3B9E53478F699FFDDBFBA2B8827DB
                                                                                                                                                                                                                          SHA-256:E1B23F540A86B2BF3A9CDB1DE71955D5C53F0CF72CFA7AF6FBD9DEB5328B4232
                                                                                                                                                                                                                          SHA-512:738A66D82D18587B3B347C809B3FA3C5B3AFF0C05097E6337EDB6250E9F0DB38CEB81C033D8AF54B999C7BBE557CA4A82EC994D83D24F960F3A3624C8A6D80BD
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c.F...F...F.......C...........F...G...@F..T...@F..T...@F..........W.......D......._...F.......,F..n...,F.G...F..G...,F..G...RichF...................PE..d......f.........."....&............ ..........@.........................................`.................................................8p.......P..........,...D...)..............p.......................(...p...@............................................text............................... ..`.rdata...w.......x..................@..@.data....w...........n..............@....pdata...,..........................@..@_RDATA.......@......................@..@.rsrc.......P......................@..@.reloc...............:..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\ProcessGovernor.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1291160
                                                                                                                                                                                                                          Entropy (8bit):6.467633160827674
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24576:13MJYIXmj337UXuX6D2VUugC+1w4iBzo8ug:13MJYI2D7BX6D2/gCU0t
                                                                                                                                                                                                                          MD5:04168852FDFC6E66B45EE12206455447
                                                                                                                                                                                                                          SHA1:E4B8FA2C687339119BAE5C18F738F5F47A3275C2
                                                                                                                                                                                                                          SHA-256:43929EE48ECAC05453722D8056A945C3E25C394C2EFA99AC88C7097FF849E8B4
                                                                                                                                                                                                                          SHA-512:DBC8312B44A149F30B411D1B36E4BA8859CFAAF0FF164D29D2B2B7827C774286D00787A8B41C9CAC20A5BE39BFEC4FF30BC76D4C33B47F94BA4B519BEAE99853
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........@h.!...!...!..XS...!..XS..9!...!...!.......!.......!.......!..XS...!..XS...!..XS...!...!... ......!......!...!...!......!..Rich.!..........................PE..d...l..f.........."....&.|...H......lT.........@.....................................g....`.................................................x........`.........pw.......)..............8.......................(...p...@............................................text....z.......|.................. ..`.rdata..............................@..@.data.......0...X..................@....pdata..pw.......x...v..............@..@_RDATA.......P......................@..@.rsrc.......`......................@..@.reloc...............x..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\ProcessLasso.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1879960
                                                                                                                                                                                                                          Entropy (8bit):6.4758067031947135
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24576:RnJmJ4Epru5nmDYEjUQEU7My2KRpS/WhmvpBXzFk/NwL9Vt4r74:90J4nmDrj9v7Mi+Whm3Xzq1d7
                                                                                                                                                                                                                          MD5:2A90A0E4D3294488FB6F81326306B55D
                                                                                                                                                                                                                          SHA1:4326247D0A20E87DDB5B805FCAD5876512307925
                                                                                                                                                                                                                          SHA-256:B0BABD0F9EE4C292F418F049667E38168CC6E94A58D54C64D10799880E07643A
                                                                                                                                                                                                                          SHA-512:BC83A948CDB009787322078CFC14D96B3CD3051E5A8FAFDCADF981B965D2A615A28401F3F73E0B7072DCC6BA76AD2561536F362F980076892A95B066E7D51B6E
                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........ GR.A)..A)..A)./3*..A)./3,.JA)..A)..A)...-..A)...*..A)...,..A)./3-..A)./3/..A)./3(..A)..A(..@)... ..A)......A)..A...A)...+..A).Rich.A).........................PE..d......f.........."....&.............M.........@.............................0...........`..................................................e..|.... ..@....`...........)......<... ...T.......................(.......@............................................text...>........................... ..`.rdata..............................@..@.data...$........`..................@....pdata.......`......................@..@_RDATA..............................@..@.rsrc...@.... ......................@..@.reloc..<............r..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\ProcessLassoLauncher.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):410512
                                                                                                                                                                                                                          Entropy (8bit):6.239439858513295
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3072:BVPAgBPrsmf3c4sSxGtHrxHb81dVEI7LRbg7Vu1LIk7HoZ7WK7TlfEQ:bHhrsmf3c2x8Ht8fVck1k7WGpt
                                                                                                                                                                                                                          MD5:9AD220EBCC5887380FE04A734F725038
                                                                                                                                                                                                                          SHA1:297335608C6AF9AE4D8AE8844DBC878FF49BF75B
                                                                                                                                                                                                                          SHA-256:0D5CFCDAAF8C50AB4ECF55D8E716AEE561DC09E0A08F316E13EFC45EDC404EFA
                                                                                                                                                                                                                          SHA-512:0CC084641DDED25886DD7D44E65D97A6F14E1749646C7A9C9293A482A096C8C9E624882685EBBCBAE7BB983FA57CEBF594D7FD9E4E14753F147863013C757BC5
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........p.n_..=_..=_..=.c.<Z..=.c.<...=.c.<U..=_..=^..=Y..<M..=Y..<N..=Y..<d..=.c.<^..=.c.<L..=_..=...=5..<O..=5.Y=^..=_.1=^..=5..<^..=Rich_..=................PE..d......f.........."....&............8=.........@.........................................`..................................................r..d.......................)...p.......O..p....................R..(....N..@...............0............................text............................... ..`.rdata..............................@..@.data...4*...........d..............@....pdata...............r..............@..@_RDATA..............................@..@.rsrc..............................@..@.reloc.......p......................@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\QuickUpgrade.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):485264
                                                                                                                                                                                                                          Entropy (8bit):6.177695147972194
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:1vTIEyFqfjNjm6ehaPX86cQgNzY4Gr3a7WGII:CpqfjNjm6eEb1v4waKGII
                                                                                                                                                                                                                          MD5:866F8788F27AAF72A926B590D8324643
                                                                                                                                                                                                                          SHA1:078C7E300E74A59A5CF510DC574F89738077DE87
                                                                                                                                                                                                                          SHA-256:85ACB2DFBBC556F8732480C3984A6643C9048A39CA796AD60263692F663266E7
                                                                                                                                                                                                                          SHA-512:F51EAC9CF738476E00660B79B412A2A2B87936CC1EFC631AB440F5E99A8B1A61A0DF52F2B3C819E9541E5BF42853912AC53DEAF0F0BBA7FE19B14F6C80C1A01C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@..5..af..af..af..bg..af..dg..af..eg..af..af..af.7eg..af.7bg..af.7dgD.afn7hg".af..gg..af..`g..af..`fP.afn7dg..afn7.f..af...f..afn7cg..afRich..af........PE..d......f.........."....&.2...(.................@..........................................`.................................................P<..................4....>...)......@.......T.......................(.......@............P.. ............................text....1.......2.................. ..`.rdata.......P.......6..............@..@.data...\p...P...R...4..............@....pdata..4...........................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc..@............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\QuickUpgrade.exe.Replacement

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):485264
                                                                                                                                                                                                                          Entropy (8bit):6.177695147972194
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:1vTIEyFqfjNjm6ehaPX86cQgNzY4Gr3a7WGII:CpqfjNjm6eEb1v4waKGII
                                                                                                                                                                                                                          MD5:866F8788F27AAF72A926B590D8324643
                                                                                                                                                                                                                          SHA1:078C7E300E74A59A5CF510DC574F89738077DE87
                                                                                                                                                                                                                          SHA-256:85ACB2DFBBC556F8732480C3984A6643C9048A39CA796AD60263692F663266E7
                                                                                                                                                                                                                          SHA-512:F51EAC9CF738476E00660B79B412A2A2B87936CC1EFC631AB440F5E99A8B1A61A0DF52F2B3C819E9541E5BF42853912AC53DEAF0F0BBA7FE19B14F6C80C1A01C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@..5..af..af..af..bg..af..dg..af..eg..af..af..af.7eg..af.7bg..af.7dgD.afn7hg".af..gg..af..`g..af..`fP.afn7dg..afn7.f..af...f..afn7cg..afRich..af........PE..d......f.........."....&.2...(.................@..........................................`.................................................P<..................4....>...)......@.......T.......................(.......@............P.. ............................text....1.......2.................. ..`.rdata.......P.......6..............@..@.data...\p...P...R...4..............@....pdata..4...........................@..@_RDATA..............................@..@.rsrc...............................@..@.reloc..@............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\ThreadRacer.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):554392
                                                                                                                                                                                                                          Entropy (8bit):6.348039919779083
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:7DFE4hwQC2Gx8hM+RanP8Pm59Yh/DQLMjhICtmCBNJ7WG6:7DFNCnxX+RanP8Pm59c2MjqoJKG6
                                                                                                                                                                                                                          MD5:0CBE5E4E3A4D232296B41BA1AD3FE4B8
                                                                                                                                                                                                                          SHA1:BD1B30D008ACD2D21FAAC0F29B67C73C0280F832
                                                                                                                                                                                                                          SHA-256:901AD76183C0EAC0BA708760B24BFF5B6EDA484ACF874CC4C448003A7349AE73
                                                                                                                                                                                                                          SHA-512:449215C489E655E8A166E653BEAC82CEECE286BB3B78186C719C7C0733545CEC5CCB46C050A806B47A3A6C6C782C9E02F04E10B8C20FCC0AEF81C28955EB895B
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......u.r.1i..1i..1i......4i......i..1i..0i..7...#i..7...#i..7...li..[....i...... i......3i......(i..1i..bh..[...2i..[...0i..1i..0i..[...0i..Rich1i..................PE..d......f.........."....&.X...L.................@..........................................`..................................................~.......@.......... %...L...)...........;..p....................=..(...P:..@............p...............................text....W.......X.................. ..`.rdata.......p... ...\..............@..@.data....n...........|..............@....pdata.. %.......&..................@..@_RDATA.......0......................@..@.rsrc........@......................@..@.reloc...............B..............@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\TweakScheduler.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):635288
                                                                                                                                                                                                                          Entropy (8bit):6.377233640602271
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:tPVN2+Ys3jypTnZGEVcmWY2lLEfsmpHF3U+gFY7xmsTSOkOWMqgLumxI8uus:tPVNBTiZG7OBumxIJ
                                                                                                                                                                                                                          MD5:80030894234177E311680BA060CDF714
                                                                                                                                                                                                                          SHA1:97D0D88B19C76DDDFBE83EABCD6DB86254A196A0
                                                                                                                                                                                                                          SHA-256:7423E698C545A1852E7C47DD6D38C4B101E9391CA5C659601A610683862C9C89
                                                                                                                                                                                                                          SHA-512:6F1BB07227EFBF0B7468A91FDDAD7A6B0A4A7367B33A17DAEEFB4BEFB8EBF38B7D6925ED7A788C4FFEE7F82166028FD370798E1FE1E2AC0451794A95AA656983
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v..%..%..%...$..%...$I..%...$..%..%..%.%.$..%.%.$..%.%.$..%...$..%...$..%..%%..%.%.$..%.%*%..%.B%..%.%.$..%Rich..%........PE..d......f.........."....&.......................@..........................................`.................................................`................P...].......)...........%..p....................(..(...@$..@............... ............................text...t........................... ..`.rdata..............................@..@.data...Lg.......B..................@....pdata...]...P...^..................@..@memcpy_..............n..............@..._RDATA...............p..............@..@.rsrc................r..............@..@.reloc...............z..............@..B................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\bitsumsessionagent.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):185752
                                                                                                                                                                                                                          Entropy (8bit):6.324758908981333
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3072:SSpF5lflRmgykL2cEE52WsVdLze6g0hHjWJ7zFaFa3uiJUJeBSeRJE4:1X/fDmgykL2cEERsVdn64jY7mQMe4
                                                                                                                                                                                                                          MD5:BACDA076E8252AFF54E3F66333FACEA6
                                                                                                                                                                                                                          SHA1:AA97EBAD32F987B09430F5C237E1F1F3FA839196
                                                                                                                                                                                                                          SHA-256:C9D87059C4C4332784BD6067DB8B439D08AE451DE89DCDF105A5426B6DC7F22E
                                                                                                                                                                                                                          SHA-512:56288979B0DB0B30C9DACAEF4776734559D867C6A01CCF58A3B07C9A8758FA7E9414B91C78233ADD8FA39449A524B343D57CB792C0825E4317AAFA320D345944
                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........f@..5@..5@..5...4E..5...4...5...4J..5@..5A..5F[.4P..5F[.4Q..5...4A..5F[.4...5...4K..5@..5...5*[.4G..5*[.5A..5@.l5A..5*[.4A..5Rich@..5........................PE..d......f.........."....&....."......<=.........@.....................................k....`..................................................v..P.......x.......X........)...........O..p....................Q..(....M..@............................................text............................... ..`.rdata..............................@..@.data....%...........v..............@....pdata..X...........................@..@_RDATA..............................@..@.rsrc...x...........................@..@.reloc..............................@..B........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl-update.cmd

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                          Entropy (8bit):4.084183719779189
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:mKDDGXdWNLhymLGO:hSXd6hXGO
                                                                                                                                                                                                                          MD5:CD60CCD708D428DF44CA1D454AD0D68E
                                                                                                                                                                                                                          SHA1:83E3FB9EF19C7D3FAABC0B391F96803652FDA425
                                                                                                                                                                                                                          SHA-256:AB965ED0402B4C474FE6C988AFEE9957C5494C687745114FC80D1FB70FB071BB
                                                                                                                                                                                                                          SHA-512:B400530473683DE0F7CBA3F206B38BA1A0A4D3156A06168C3DB0391EB33BE1CB6FA65E736C746067AAC394D538FC35DE8764C30978734BCF4E84392B3294C10C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:@echo off..processlasso.exe /updatecheck

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl.cmd

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):77
                                                                                                                                                                                                                          Entropy (8bit):4.479739490998215
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:mKDD/i+JQMwmov1SWWDqewdcIS:h+GQfH/WOhdcIS
                                                                                                                                                                                                                          MD5:AA54D58336D2565C369498D035737F8A
                                                                                                                                                                                                                          SHA1:C6A8791264081A6F854B30AC11477BDD83A8CBEE
                                                                                                                                                                                                                          SHA-256:9AF8ADD66B2BB4A0252B65E0F13238055B601D689E8D29455D5B2C87F901FD7B
                                                                                                                                                                                                                          SHA-512:82D9EEAB7CB95F012B55D531BA7AF84546BE650702F40CA294C74858ECA5EADC0ED7A87BC65122DF4093E483DFFE1E04E306845871955B2DC4F5113F1CF34838
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:@echo off..InstallHelper.exe /terminate..ProcessLassoLauncher.exe /showwindow

                                                                                                                                                                                                                          C:\Users\user\Desktop\plActivate.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):222616
                                                                                                                                                                                                                          Entropy (8bit):6.376966117390714
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:qltriOEkhed3s/mJN8fVCSYQhvrFHOU8fH:CtrRZhed3s/mJN8fJ914H
                                                                                                                                                                                                                          MD5:BF2CD83A98663E7090B73483DB482566
                                                                                                                                                                                                                          SHA1:2683E26C6DE9AA63BADC271309E9A09F8E3043A7
                                                                                                                                                                                                                          SHA-256:94E76A5D559A11EF10973E1D3C166EA8BBBF6BFA4F4CF056D49D50504CE422B8
                                                                                                                                                                                                                          SHA-512:C3CEEC9E7D5CE0CA49FEFFA003A8CD46F71D26C363811E0AF9E2B8A6F7E348CDCE41959E364866091AC13EC13415BA921785E93F9C9F5D6ABDD8E2569E8C212C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~..g:..4:..4:..4..5?..4..5...4..50..4:..4;..4<,.5(..4<,.5+..4<,.5...4..5;..4..5/..4:..4..4P,.5-..4P,{4;..4:..4;..4P,.5;..4Rich:..4................PE..d......f.........."....&.....:......T..........@.....................................i....`.....................................................P.......h....P..@....<...)..............T.......................(.......@............0..8............................text............................... ..`.rdata.......0....... ..............@..@.data....*... ......................@....pdata..@....P......................@..@_RDATA.......p.......,..............@..@.rsrc...h...........................@..@.reloc...............4..............@..B................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_bulgarian.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2025872
                                                                                                                                                                                                                          Entropy (8bit):6.323949668419453
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:TtfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyomjFC8fB4adLxp7WGCNE/Jt1icNE/a:TtfcHoo0FzLXKGh4ZJe6cwTqREewC
                                                                                                                                                                                                                          MD5:51245584901A842663C44DDE092E6EDF
                                                                                                                                                                                                                          SHA1:BEA0163AEFD438CA341CD09061655BC3F9DC7E8C
                                                                                                                                                                                                                          SHA-256:735A72817E779017B8FFD79DD8412E561E9BD28EC421C0B111AC076F3176C3F6
                                                                                                                                                                                                                          SHA-512:A7C736574FFE22FC1290F78B87E62B306D6DA53AC2395422F997F6AD60B96C16EF01CC3ADE7459965FB178862EE6CE6E6F27F99B4E2392A9C1E5C6DD2823F58F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X...9...9...9....~..9...9...9.......9..Rich.9..........PE..d......f.........." ...&..................................................................`.......................................................... ..p................)..............p............................................................................rdata..\...........................@..@.rsrc...p.... ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_chinese.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1853840
                                                                                                                                                                                                                          Entropy (8bit):6.395445658415817
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:8NfcHohXFzLXKGh4ZJe6cwTqREewv02G8wO:8NfcHoJhUHTh1MO
                                                                                                                                                                                                                          MD5:8020A9A51F2C7C203C6503617F17D6F4
                                                                                                                                                                                                                          SHA1:88F3A618207B3DD5931B968AEEB0F2EBCC142FF7
                                                                                                                                                                                                                          SHA-256:BBA475623C91F16568D01FF9304E41B37149B90FB66E47B400276B0C5D58F48A
                                                                                                                                                                                                                          SHA-512:857BED89B7FD19FC2A9E378873942D88D9ABE947D380DECB417F9694723B7F77C420BEF9EE7C3026EEDF083AA9CCD066CB39AFED08B6796EE88A11E542C2A2AB
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....................................................@......y.....`.......................................................... ............... ...)..............p............................................................................rdata..\...........................@..@.rsrc........ ......................@..@.......f........R..................f...........................f........l..................f............................................RSDS:.W..X.C....7.h.....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_chinese_traditional.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1880976
                                                                                                                                                                                                                          Entropy (8bit):6.391745122953166
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:URfcHoApz7FzLXKGh4ZJe6cwTqREewGm1x:ufcHokrhUHTh1/P
                                                                                                                                                                                                                          MD5:6A7E0D871AD3C4F4B7F0BD5ADDD65E86
                                                                                                                                                                                                                          SHA1:EB02FE34BEE6EB1DB17671E44139C6ED1759D33D
                                                                                                                                                                                                                          SHA-256:58F37DD687E5788739E89D9407C7235C4CAEBDFA6498CC4FF5A9EE76DFDE08CF
                                                                                                                                                                                                                          SHA-512:26B95EB44466B54EF463D9669F7254FC60A34A47097D74F4770A90F5C743ABF0C6A9EF158E746B4AA6DBD43AB8CA5EAAA57D3298CE88EE0DF8C6FEC02640D31B
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.............................................................%....`.......................................................... ...................)..............p............................................................................rdata..h...........................@..@.rsrc........ ......................@..@.......f........^..................f...........................f........l..................f............................................RSDS.v....=F.B..Y.......C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]...G...rsrc$02....................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_english.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1994136
                                                                                                                                                                                                                          Entropy (8bit):6.213765217953642
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:o2fFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyRN5ojFC8fB4adLxp7WGCNE/Jt1icNQ:NfcHot+FzLXKGh4ZJe6cwTqREewZc
                                                                                                                                                                                                                          MD5:A2E9D766300624F173B676861AD3D3BF
                                                                                                                                                                                                                          SHA1:FF7FB970D883DFCE982D0595D34814205F9AFF0D
                                                                                                                                                                                                                          SHA-256:4225D7FA5661C8CE20DE72EF4AAD92C36E4E929ED2080FBE57A01D1167ACF5CC
                                                                                                                                                                                                                          SHA-512:1F7F19DA8D97501ED8C06F8CBF9B3EE5F340EC3783C0FA2CCA40ADEC3BF68097F8F2F3EE6CB6EDA15B5E76A839C5A7951C7DE28635B3FD0CEEDF9DCDCBD9E2BD
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d...]..f.........." ...&.....B...............................................`......,.....`.......................................................... ...>...........D...)...........................................................................................rdata..............................@..@.rsrc....>... ...@..................@..@....]..f........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_finnish.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2024344
                                                                                                                                                                                                                          Entropy (8bit):6.158557356178407
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:r3fFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyuFjFC8fB4adLxp7WGCNE/Jt1icNE/g:zfcHouxFzLXKGh4ZJe6cwTqREew4
                                                                                                                                                                                                                          MD5:D7C84D4500FD024D18CF8B796C54FC02
                                                                                                                                                                                                                          SHA1:5D205226AF2168F35F7280B8F274D6A9037399F1
                                                                                                                                                                                                                          SHA-256:AD417F208CB882ADC1B38401BCDA4C831350718EB3B69CE561188ECE228A8B8D
                                                                                                                                                                                                                          SHA-512:0EEB964855377A7FA85AA347C16951AFF3EE43E279CC341E330726E68B6812C5AC3763E33080025E380A33719E1B6BCBCB89E58614BF08EE9BC2B8086E0045D1
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                          • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&..................................................................`.......................................................... ..P................)..............p............................................................................rdata..D...........................@..@.rsrc...P.... ......................@..@.......f........9..................f...........................f........l..................f............................................RSDS..hh..E...........c:\pl\output\pl_rsrc_finnish.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..Pw...rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_french.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2039696
                                                                                                                                                                                                                          Entropy (8bit):6.187590283520708
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:wofFa9MmhuV2FFdq7qFrwnim0gsZEeV3dydHjFC8fB4adLxp7WGCNE/Jt1icNE/l:jfcHodDFzLXKGh4ZJe6cwTqREewZsu
                                                                                                                                                                                                                          MD5:62B49F7BDBCABF07705E6456A44AE0EA
                                                                                                                                                                                                                          SHA1:344389C2DF52871BB3B9C02EE5F8480C8B1E2650
                                                                                                                                                                                                                          SHA-256:75181C57BA04195B8C3D579DFA3BAE2A5FECFECF866854D928B7F2A520E38029
                                                                                                                                                                                                                          SHA-512:8B0D6D6E18EF0754D257D7C0C1D62C7E4824BAA8B79B6CEF25B239044CA0F83A9995653A801754689ED5DCE7A9A4EF740078DF0ABBA342F386328C06744E88EA
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&..................................................... ......HX....`.......................................................... ...................)..............p............................................................................rdata..\...........................@..@.rsrc........ ......................@..@.......f........Q..................f...........................f........l..................f............................................RSDS./yV...L..a...-4....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_german.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2055064
                                                                                                                                                                                                                          Entropy (8bit):6.148873225383967
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:1fcHoO8FzLXKGh4ZJe6cwTqREewTv+Yt:1fcHo9hUHTh1h
                                                                                                                                                                                                                          MD5:F0B00CA102AC015BC0C5D4AD3BE0A628
                                                                                                                                                                                                                          SHA1:0FABB020EDFB8C7D9A8EA5F41D412AD186BF410A
                                                                                                                                                                                                                          SHA-256:E0C7CFC3F55D0FDA0B055D86D7E1455C1601A2F2AD83F206EDD06DE2B1828705
                                                                                                                                                                                                                          SHA-512:EDED1CF70214D4944798141891C2C8FFE1B8950D4D05286C213B70801BAAAC94EA738F6E9AC2E50C2010A4D9C90DBDB09114640DDE21DF3F7179F77ED0ED628C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....0...............................................P.......5 ...`.......................................................... ...,...........2...)..............p............................................................................rdata..\...........................@..@.rsrc....,... ......................@..@.......f........Q..................f...........................f........l..................f............................................RSDSc.9z.7.C.....A.....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_italian.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2033048
                                                                                                                                                                                                                          Entropy (8bit):6.186163034222283
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:f9pfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dy9f9ojFC8fB4adLxp7WGCNE/Jt1ico:VpfcHo9IFzLXKGh4ZJe6cwTqREewUK
                                                                                                                                                                                                                          MD5:98D32EF6E5A609B0E91502B4D0DFC661
                                                                                                                                                                                                                          SHA1:D345A144865EC2DC984E1060E2F22230BF39D88C
                                                                                                                                                                                                                          SHA-256:8103858E4FA238886EA2963E38F6884D0397B87BDCC00BE092227D205A9E0400
                                                                                                                                                                                                                          SHA-512:11FFABC08FE8FCB4958CDECB876E25DB84F9E1CCE6E9C33B88D7E40238078E9D368E9518C7A44792C55B4541919782358E04C8ADF80FE6DEAA9F2CE1393EBFEF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&..................................................................`.......................................................... ...................)..............p............................................................................rdata..D...........................@..@.rsrc........ ......................@..@.......f........9..................f...........................f........l..................f............................................RSDS}..B.".I.`.w_..:....c:\pl\output\pl_rsrc_italian.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_japanese.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1917328
                                                                                                                                                                                                                          Entropy (8bit):6.3624909839588595
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:YfcHoRaFzLXKGh4ZJe6cwTqREewf7nsOMfy6:YfcHoqhUHTh15Il
                                                                                                                                                                                                                          MD5:B6040CB259F024126E171B8C9BD0316D
                                                                                                                                                                                                                          SHA1:850669EF5EDEFA1E2561C906788DF1F841AE0D47
                                                                                                                                                                                                                          SHA-256:18EDC8D5AE5AECD2F38DBEA8923EE9C1AE986B103EB9D3AAFE791590E7C0D942
                                                                                                                                                                                                                          SHA-512:D84539FFEF8EA4890148E373E0E06AB937DD9141BBF766B22ADEF575035F04D523DA9DF8658F98A8902A0E7E8D62D525658A1933B0A95A1D79E54A49CED10899
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....................................................@......{.....`.......................................................... ...................)..............p............................................................................rdata..\...........................@..@.rsrc........ ......................@..@.......f........S..................f...........................f........l..................f............................................RSDSP.u..i|H......b....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....].......rsrc$02................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_korean.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):1891216
                                                                                                                                                                                                                          Entropy (8bit):6.412995382311948
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:ffcHo6yslSFzLXKGh4ZJe6cwTqREeweqds98LtPx:ffcHoTslQhUHTh1eqS9ItPx
                                                                                                                                                                                                                          MD5:9E19CF161188EADB4AB6B543D98328B0
                                                                                                                                                                                                                          SHA1:1A56D0F466C09E9D68A33762F701CD956BBAC533
                                                                                                                                                                                                                          SHA-256:9AA43BE1985DE256EBF3DFA3A831888D31510889C2667365D42714D3D471BF66
                                                                                                                                                                                                                          SHA-512:AC948529F2641BC3CA9057A042948CFCE03F7CC54005EB987371E00D36817884A8A32856F55F8AB4D3BAFA43B9301300850FC85BA0D3A116E9C0D3EA49A00A7B
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&..................................................................`.......................................................... ...................)..............T............................................................................rdata..@...........................@..@.rsrc........ ......................@..@.......f........Q...l...l..........f...........................f........l...................................RSDS:.dn..uJ....D.'.....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb................................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....]...o...rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_polish.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2010520
                                                                                                                                                                                                                          Entropy (8bit):6.203115237781142
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:BYefFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyQfjFC8fB4adLxp7WGCNE/Jt1icNEn:JfcHoQbFzLXKGh4ZJe6cwTqREew
                                                                                                                                                                                                                          MD5:8241439F6BFB3E40E71F23A77D06AD63
                                                                                                                                                                                                                          SHA1:A942BAE522BDBC69D5DADC80EA8E9EEEA30074D2
                                                                                                                                                                                                                          SHA-256:23B8C7F4A816B4C0A0C119C21CF60E9B7BF104A86F0FD13C53FA8EF220BFC307
                                                                                                                                                                                                                          SHA-512:D16F0D704B043D7CF34AABB1AE9E7044848AD49997FCFDE2291DFC2A02FE7C677081D4ABCB262E9F47B6EC6B350BCD187355D80D72C361EB559C010161BD2DCD
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&............................................................2.....`.......................................................... ...~...............)..............T............................................................................rdata..$...........................@..@.rsrc....~... ......................@..@.......f........8...l...l..........f...........................f........l...................................RSDS[.#...G.k*/Hn......c:\pl\output\pl_rsrc_polish.pdb.............................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....]...A...rsrc$02........................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_ptbr.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2054032
                                                                                                                                                                                                                          Entropy (8bit):6.210349329263028
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:SNfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyARjFC8fB4adLxp7WGCNE/Jt1icNE/x:IfcHoA1FzLXKGh4ZJe6cwTqREewNP
                                                                                                                                                                                                                          MD5:F1F7838224674BE14F8602D7A8BB19AB
                                                                                                                                                                                                                          SHA1:FE767102DBDC83D80B9EB4071E57F0EB3A353928
                                                                                                                                                                                                                          SHA-256:6922E78423AAB1347A74F625AE694C0A3A0C55EBCE89392E28CEBCD54C0F26A5
                                                                                                                                                                                                                          SHA-512:D829AC1CCA251215A12EE56170B51C5E4AED8D90D70FE510956AC714F9DFAB23C7FC05F4DC7FCCA606FC40DAF81200DC76097AC2F9B22AB99549ABA0B1D71ED2
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....,...............................................P............`.......................................................... ..H)...............)..............p............................................................................rdata..@...........................@..@.rsrc...H)... ...*..................@..@.......f........6..................f...........................f........l..................f............................................RSDS......vC....7D @....c:\pl\output\pl_rsrc_ptbr.pdb.......................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]..H....rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_russian.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2003344
                                                                                                                                                                                                                          Entropy (8bit):6.340583966989866
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:RaEfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyuGjFC8fB4adLxp7WGCNE/Jt1icNEl:RfcHouUFzLXKGh4ZJe6cwTqREewsq
                                                                                                                                                                                                                          MD5:CF4379AF7BA29A857F9097CC29592C6E
                                                                                                                                                                                                                          SHA1:79541209871CD0B7019FDF82A49E9B9DF7EB1660
                                                                                                                                                                                                                          SHA-256:FE64C09A3465BAE4879B4CF21B1705C7ADB9D94F6CB1FBB53A34C3A73EFA8EFA
                                                                                                                                                                                                                          SHA-512:5F9E724642D612417C4173309A8D264C8773B9BA3CECAC36C63D6F01E08991A4741A4F8049526328914F4FBF5D09AB6664C36AC7F126E3635514C0593C908438
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....f.......................................................~....`.......................................................... ...b...........h...)..............p............................................................................rdata..D...........................@..@.rsrc....b... ...d..................@..@.......f........9..................f...........................f........l..................f............................................RSDS.r....H.CN_..<.....c:\pl\output\pl_rsrc_russian.pdb........................GCTL....p....rdata..p........rdata$voltmd............rdata$zzzdbg.... ...=...rsrc$01.....]...%...rsrc$02........................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_slovenian.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2010520
                                                                                                                                                                                                                          Entropy (8bit):6.209607969979084
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:L1fcHoK4FzLXKGh4ZJe6cwTqREewqXGA:L1fcHoBhUHTh1qXG
                                                                                                                                                                                                                          MD5:8C7FB3D9A81FBF761860A2DA18DB52E7
                                                                                                                                                                                                                          SHA1:C4172E49067B3C59AF83AAE2727DF54FC1326B54
                                                                                                                                                                                                                          SHA-256:056656316FE240F4E3CB645A11F2836D955F4A79894B046607730C31E39B1B9A
                                                                                                                                                                                                                          SHA-512:736F87F0FB78A980A1875A4EF37F17FFD7B8ADB8BD70B35ECF01A7C0A3CAF7E63360BC1D34E9C3D091EC6887E8A96362D302C12014714E953B9406C1569E36CD
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X...9...9...9....~..9...9...9.......9..Rich.9..........PE..d...l..f.........." ...&............................................................M ....`.......................................................... ..X|...............)..............p............................................................................rdata..\...........................@..@.rsrc...X|... ...~..................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\pl_rsrc_spanish.dll

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2044816
                                                                                                                                                                                                                          Entropy (8bit):6.188071684910392
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:71fFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyq92ojFC8fB4adLxp7WGCNE/Jt1icNi:RfcHoMTFzLXKGh4ZJe6cwTqREew3
                                                                                                                                                                                                                          MD5:14B4DCC0B2F86EDD7E1005E17FA73BF3
                                                                                                                                                                                                                          SHA1:BF16DB9F9E8E362B8C0829F005FBCDB4DEF950D2
                                                                                                                                                                                                                          SHA-256:CD5500EC707405EB15705DB6A48C12D8F8308078B0C1D068F54B1D4A23D9EFD7
                                                                                                                                                                                                                          SHA-512:2354BF4EC36BD2552D5C678E1D73EF229181FE6EE6595948E663E19227AE8EBB8FE094B4134AF0541D2D37758CC73F2E47DC31F8849AF8CA1D39B394E9E4DE8E
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........X=..9S..9S..9S......9S...Q..9S.Rich.9S.PE..d......f.........." ...&.....................................................0...........`.......................................................... ..(................)..............T............................................................................rdata..@...........................@..@.rsrc...(.... ......................@..@.......f........R...l...l..........f...........................f........l...................................RSDS,..U..B.4...9.4....C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb...............................T....rdata..T........rdata$voltmd...l........rdata$zzzdbg.... ...=...rsrc$01.....]..(....rsrc$02............................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\testlasso.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):230288
                                                                                                                                                                                                                          Entropy (8bit):6.323924748202168
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:fESb8gCmhQQ6bsNNx0OMUeHbbIG1/nStTqLAr9f6M/:cbmhQZbsNNx0FPpVU9yM/
                                                                                                                                                                                                                          MD5:8A043B8DF54F03D657DE4D64EEE36B20
                                                                                                                                                                                                                          SHA1:A9B811D73D66E84D98DF24460A19C97015A1692B
                                                                                                                                                                                                                          SHA-256:51E6984FFA3D2B85A43B3F273432E486150D413E551F149EFE7530EED6203C7D
                                                                                                                                                                                                                          SHA-512:A06831C48D63ED022F4053D24F2B9DA91CC7A54A144FD180DA27609A71BE92ADD37562BF7EB973A1F1D0AA3F724EFD269F0735474D4493EAB4332BC05EA1A4A6
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$........y.....]...]...]0j.\...]0j.\y..]0j.\...]...]...]..]...]..\...]..\...]..\...]0j.\...]0j.\...]...]...]...\...]...]...]..b]...]...\...]Rich...]........................PE..d......f..........#....&.6...>......Xk.........@.....................................x.... ..................................................*..P....... ....p.......Z...)..........@...p.......................(.......@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...\+...@......."..............@....pdata.......p... ...0..............@..@_RDATA...............P..............@..@.rsrc... ............R..............@..@........................................................................................................................................................................................................

                                                                                                                                                                                                                          C:\Users\user\Desktop\vistammsc.exe

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):341912
                                                                                                                                                                                                                          Entropy (8bit):6.140404385962315
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:3Oi2GKGB7EQM1q/WDdlSl6lqI5mIskXMkpJ1cBlZg7fNY+WGoyFt:wGKn31qeDdu6lqImIskXMkpWg7VFt
                                                                                                                                                                                                                          MD5:987C39F25760AF69A7A1FEB238D25456
                                                                                                                                                                                                                          SHA1:9F5DD430F4BB38790EB1C7C18143CF1976B59EBF
                                                                                                                                                                                                                          SHA-256:7130EEF4F6644E30DCE491860445BBDFD727550F73E6DA3F8C87C7731CA1D600
                                                                                                                                                                                                                          SHA-512:5BB0B7627DABBE2A8386FB354475E4845E45B7B11C2E0688E467AFFB379C6EE0733B74B7B29B3011F0785E3B9A6FD5CCE04168570723520B6FC031D5688B4EEC
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........n...........%}....%}..Y............................%}.....%}.....%}.......................d.........Rich...................PE..d......f.........."....&.Z.....................@....................................}.....`..........................................................`.. .... .. ".......)...p.......G..p....................I..(....E..@............p...............................text....X.......Z.................. ..`.rdata..(2...p...4...^..............@..@.data...4n.......B..................@....pdata.. "... ...$..................@..@_RDATA.......P......................@..@.rsrc... ....`......................@..@.reloc.......p......................@..B................................................................................................................................................................................

                                                                                                                                                                                                                          Chrome Cache Entry: 190

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (14132), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):14132
                                                                                                                                                                                                                          Entropy (8bit):5.384856588544536
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:bxE2tGFU8dse7Hjqesg2PaCdkaM5Xi0kh0:be2tGjsgHjROfkaM5S0kh0
                                                                                                                                                                                                                          MD5:C09F472288B201305DB37EAA7B517F88
                                                                                                                                                                                                                          SHA1:32DCDA85EB7CAB778644BB46D6344EF1EBDC5E2D
                                                                                                                                                                                                                          SHA-256:2191DF70C591FDEAF3F7328F90BE1CD77F6C4FF7CD6D53A10692CE09ECC0701C
                                                                                                                                                                                                                          SHA-512:B399BC3DECA15F40846FF51C3910AC402AE5B285B22DE0B23AD5D2DA088D1A49258503F5B147035F298E9E3389C4EA081B96F1D5BCEB39CC571B140116FA7885
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:!function(c){function r(){l.hide(),j.onerror=j.onload=null,O&&O.abort(),s.empty()}function h(){if(!1===m.onError(v,x,m))return l.hide(),F=!1;m.titleShow=!1,m.width="auto",m.height="auto",s.html('<p id="fancybox-error">The requested content cannot be loaded.<br />Please try again later.</p>'),P()}function a(){var n,t,e,i,a,o,d=v[x];if(r(),m=c.extend({},c.fn.fancybox.defaults,void 0===c(d).data("fancybox")?m:c(d).data("fancybox")),!1!==(o=m.onStart(v,x,m)))if("object"==typeof o&&(m=c.extend(m,o)),e=m.title||(d.nodeName?c(d).attr("title"):d.title)||"",d.nodeName&&!m.orig&&(m.orig=c(d).children("img:first").length?c(d).children("img:first"):c(d)),""===e&&m.orig&&m.titleFromAlt&&(e=m.orig.attr("alt")),n=m.href||(d.nodeName?c(d).attr("href"):d.href)||null,!/^(?:javascript)/i.test(n)&&"#"!=n||(n=null),m.type?(t=m.type,n=n||m.content):m.content?t="html":n&&(t=n.match(S)?"image":n.match(T)?"swf":c(d).hasClass("iframe")?"iframe":0===n.indexOf("#")?"inline":"ajax"),t)switch("inline"==t&&(d=n.subs

                                                                                                                                                                                                                          Chrome Cache Entry: 191

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):15744
                                                                                                                                                                                                                          Entropy (8bit):7.986588355476176
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/
                                                                                                                                                                                                                          MD5:15D9F621C3BD1599F0169DCF0BD5E63E
                                                                                                                                                                                                                          SHA1:7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52
                                                                                                                                                                                                                          SHA-256:F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
                                                                                                                                                                                                                          SHA-512:D35A47162FC160CD5F806C3BB7FEB50EC96FDFC81753660EAD22EF33F89BE6B1BFD63D1135F6B479D35C2E9D30F2360FFC8819EFCA672270E230635BCB206C82
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                                                                                                                                                                                          Preview:wOF2......=........t..=..........................d..d..^.`.. .T..<.....|..{........6.$.... ..t. ..I.3.%.....8..&....4Z.|t .8.........D...$.uNE.P.E.Ak...=.x.9Xz.`.I..R....#F+B`..}.RP|E...Z\.W[.............C...QB....m...cm.?.F.g.......Q....3......p...L2.[......!+@U..^~.......D.?.......j...U...c..U.l.6{...m.CD].h.t.....Q8.....@P...L.c.....+...ZD..2.K...:..4{g..:..~....v......<..H^.R.'....8....?.;...uy.VW..8=.".F..*.....@E....c....=..Ib.....y8$.a){.......KiIW.&..~.}..1..w.M..{.4......!..{..F.H.5#K...t..5.w...ve;. '......NJ......'(%;...?...D...M.Cq,<.=?.f......._...V..bA.(..37..v....+.uY.C.b.w8AF..3.n.-..'..U%.2....o.l."...^bj..aoF.!`....A....j...'.:Z.u...[..p.GW:U%.Ejq...:I...C........S.C...sJe.6D...<.UM,..&h..z}.y|..9...D..j...n..B.$..T....?../.Q..=B...C._.f.#.:Bo.@]T.(..v..F..+d...". ......R..R..R....!..~A....X............>!`p..,08. 9.../.....r..Q.......Qpg.\ko...C..3..Y.y..t'.d9..>#|..3..?.#..$....i........g5.z....S....{3..Sp..S2..w.6........

                                                                                                                                                                                                                          Chrome Cache Entry: 192

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 193

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 194

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 195

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (7711)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):264353
                                                                                                                                                                                                                          Entropy (8bit):5.574761665199655
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3072:w9YFn0/VPLu0h2zNeHWC8Hdth1FytS5sSONhZ6yjRAO5GbkwlY2nJg8+r2zrhfp:GYF6rgzNVlGG2Z6yjRV5c1CV2z/
                                                                                                                                                                                                                          MD5:4FD2C9D62D9F31E1F655E016029D8FB4
                                                                                                                                                                                                                          SHA1:F09C9F59555EB4A248AF3E79DCB23F15A9F41478
                                                                                                                                                                                                                          SHA-256:25102D1A8359BFAD577DB6B8BDC0CB1FF2EFB8FFDB8601A88EC27E1CD857C12F
                                                                                                                                                                                                                          SHA-512:3EF328C13DB2D7A894F13094FF84AD3DAFFBFCF2E32DA3491344566D1A37A0157A0A282FFD1C16AC3228F2A497D8D0F8F51168939B072CF6CEBAECF4766150D3
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://www.googletagmanager.com/gtag/js?id=G-ZV0D0J286B
                                                                                                                                                                                                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":12,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_email

                                                                                                                                                                                                                          Chrome Cache Entry: 196

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 18752, version 1.6554
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):18752
                                                                                                                                                                                                                          Entropy (8bit):7.988629781373645
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:bnoxrhN0WB5TRqz+ZPPbpEX1nlatVx5Rqt0nD+Zg:rojnHTG+Rq1niL80Db
                                                                                                                                                                                                                          MD5:D705022D209F31BFD674BC9171BDB499
                                                                                                                                                                                                                          SHA1:66489CEFBA225677E2ED8A7FC47F04C236B08E3D
                                                                                                                                                                                                                          SHA-256:FE56A896F0EB699CED9BB48660429176C384CE8014666D5ED59E017EE3514021
                                                                                                                                                                                                                          SHA-512:97DFEE19FA807FAC7DA0CA76095408AC52C0DFA81059BF02BA6ADF749443A1AC4992009DE1ABF809254B8C8FBF7C2F0179C5A03F71A8103A291AB426B7741F42
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2
                                                                                                                                                                                                                          Preview:wOF2......I@.......`..H.........................?FFTM.. .....(.`..Z.F..e.....x....6.$..&..V.. ..N..e..v?webf..R.5x.2.v..!=.g#..8@@b....6.@.'....kr2d...^}.A..7....bU4.l...X4,..i..e.P!....>*...Qz..e.x.[x6....L...n..A.oQ..M/..B..Sq...,lXM...eaU2....|....X..w.=...?../\.....<i....:..}......Wj..7..u...i..H.5#..H....$.v....B..V....+@....O.t..%]..T.....#]Rtrn.0.o.{.*f..=3&*"F.9g`cM..Dt..1....9]..o.k...=U....R.......$..v...$.I ..$r.D...W{..YJ.A!dJZ:..(..P?T......[.........7&_e.....C...S.:.\..._..^..f{....I.I.L..7..-.r.[.V.-p.N/....+D....#:,u]S............!]Ho.-...su..s.;...Mi...G.B.G2..n.C....j...(.8f...!...._..W.TJs....3......M5..o. . .-.:&:d.....B.uQ..73..7.........A...$`@... .2His.d9..*..R..C.E.r...?..hm./.V....f.h..A-zH.".....u...-.JV....f.s.M.....hFop...an_.L.[!......p..-K.Bnn.k.X!2.<..7.........FJ.@......c.^..o.7U.(q,'a....;v...x... ......`..h.^.Q.i.. .t..n..r.3..s..h.9q.....lF.....c..8...\.i.."....:8..;@M ....A`...O.l..8.R.........0.......Bh!.H.u

                                                                                                                                                                                                                          Chrome Cache Entry: 197

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1888&rand=0.7260079474896437
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 198

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5645082368297181
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 199

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (12463), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):12463
                                                                                                                                                                                                                          Entropy (8bit):5.0632329893463215
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:YoC0/0Gg3k02W54NApUgJzBdAA+p5oNBaAQaAwHM8WFUsZO0RPdW4EmaD:ZCyGV54wUgynmDaActFUsBFHED
                                                                                                                                                                                                                          MD5:F7C8C87D24C2A81064F86B48697FFEB8
                                                                                                                                                                                                                          SHA1:8D8DF3B7673E1481DDC00B0820CD0CE1944996E3
                                                                                                                                                                                                                          SHA-256:B9052EA598420869C9196E164A35704BC0784102625072CD258E14125FCF5D92
                                                                                                                                                                                                                          SHA-512:AA140D2B4A0F3C8EF8988B76D74DD2FF91AAD950669A38783B6DD3C46D3E98C370A4AD1A09236AB8360B606B2A1620F8E252D6004824E67E891B46102E05CBC7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.12
                                                                                                                                                                                                                          Preview:!function(e){var t={};function d(a){if(t[a])return t[a].exports;var r=t[a]={i:a,l:!1,exports:{}};return e[a].call(r.exports,r,r.exports,d),r.l=!0,r.exports}d.m=e,d.c=t,d.d=function(e,t,a){d.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:a})},d.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},d.t=function(e,t){if(1&t&&(e=d(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var a=Object.create(null);if(d.r(a),Object.defineProperty(a,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)d.d(a,r,function(t){return e[t]}.bind(null,r));return a},d.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return d.d(t,"a",t),t},d.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},d.p="",d(d.s=346)}({1:function(e,t){e.exports=jQuery},346:function(e,t,d){"use strict";d.r(t),function(e){

                                                                                                                                                                                                                          Chrome Cache Entry: 200

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1392)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):11689
                                                                                                                                                                                                                          Entropy (8bit):5.161807419486538
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:mkgH/9W0He1ZFe1ZfLvrL4aPHo+JBoTuFumJfpoT7lGnTH4IUg:+FWyrL4o/HrUg
                                                                                                                                                                                                                          MD5:9593C634B81C031342CBE0FA03903D47
                                                                                                                                                                                                                          SHA1:DD68EE9D73731B22FB7252F66BE8BEA5D17227C7
                                                                                                                                                                                                                          SHA-256:D7BDBA02AFA8C04C13F280C71A50F8C8186C883711C5DABBD13566DD738BFF0A
                                                                                                                                                                                                                          SHA-512:F148020673308A496E6DB48A8468DF81F78B8AA63812C4ACDCC7B5D7265A241491726ACFAA4EE578A71B23F5111D336E446BD7C8028634BC4E8C01F472028270
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0
                                                                                                                                                                                                                          Preview:;var MonsterInsights=function(){var e=[],i='',r=!1;this.setLastClicked=function(t,n,i){t=typeof t!=='undefined'?t:[];n=typeof n!=='undefined'?n:[];i=typeof i!=='undefined'?i:!1;e.valuesArray=t;e.fieldsArray=n};this.getLastClicked=function(){return e};this.setInternalAsOutboundCategory=function(e){i=e};this.getInternalAsOutboundCategory=function(){return i};this.sendEvent=function(e,t,n){y(e,t,n,[])};function d(){if(window.monsterinsights_debug_mode){return!0}.else{return!1}};function p(e,t,n){var l={};for(var i in e){if(!e.hasOwnProperty(i)){continue};if(t&&t.indexOf(i)===-1){continue};if(n&&n.indexOf(i)>-1){continue};l[i]=e[i]};return l};function b(e,t,n){if(!monsterinsights_frontend.v4_id||e!=='event'){return};var i=n.event_category||'',a=['event_name','event_category','event_label','value',],l=p(n,null,a);l.action=t;l.send_to=monsterinsights_frontend.v4_id;let hitType=i.replace('-','_');if(i.indexOf('outbound-link')!==-1){hitType='click'}.else if(i==='download'){hitType='file_downlo

                                                                                                                                                                                                                          Chrome Cache Entry: 201

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:PC bitmap, Windows 3.x format, 48 x 48 x 24, image size 6912, resolution 9449 x 9449 px/m, cbSize 6966, bits offset 54
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):6966
                                                                                                                                                                                                                          Entropy (8bit):4.755735232059843
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:3y7OJpqOMHZmO/w6oG4RPr2M9Ie7RKv6UY+nc:3yepdM5H/wZT2M+e7gv6UY+nc
                                                                                                                                                                                                                          MD5:E97C27D1C2142F1276F319A87B466484
                                                                                                                                                                                                                          SHA1:43ECEEF6D1269A1EE51C0914B7F3F303C7D8E9E7
                                                                                                                                                                                                                          SHA-256:A53A853591D9E14FC0C99103518EDA928B0FCCB3F4C923689C628C71CDCD3C2D
                                                                                                                                                                                                                          SHA-512:D9E984B4AB6688B7049632089AF8CE986911C463B28229759474F2D82007CB06054D1BCF5BD9306276194A9243C7449500DC6926DE9FC59E00404B5CD0F9C735
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/uploads/favicon.png
                                                                                                                                                                                                                          Preview:BM6.......6...(...0...0................$...$.............................................................................................................................................................................................................u.P..?.w<.p=.m=.i=.h=.j=.l<.q<.xG..j................................................................................................X.=.v=.k=.a>.[>.W>.T>.S>.Q>.O>.Q>.S>.U>.Y=.`=.h<.s=.~q................................................................................A.|=.k=.b>.[>.V>.R>.Q>.P?.N?.M?.L?.K?.K?.M?.O>.Q>.R>.V>.^=.g<.s?..........................................................................C.~=.j=.`>.Z>.Y>.U>.T>.R>.Q>.Q>.Q>.P>.P?.O?.N>.P>.Q>.Q>.Q>.T>.X>.\=.c=.n;.|..............................................................k.<.p=.e=.`>.[>.Y>.W>.U>.S>.R>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q9.K7.J7.L7.O7.Q7.V=.e=.n<.~.........................................................X.=.m=.e=.`>.\>.Y>.W>.V>.T>.S>.R>.Q>.Q>.R>.R>.R>.Q>.Q>

                                                                                                                                                                                                                          Chrome Cache Entry: 202

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (341), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):341
                                                                                                                                                                                                                          Entropy (8bit):4.985562338389113
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6:2LG36p3QLkW0D9PIg3mtVVBI9qR3JpV32J3iVNfCRHW5pELlCfbWCrf1rXm56p1n:2U6hv9PIgyvIoT32SJCIp6CTWC056bn
                                                                                                                                                                                                                          MD5:1060197390AC55F64B5AF979885274AD
                                                                                                                                                                                                                          SHA1:84C9F127E23AC6D89DEC691345B0930B6BD9E75B
                                                                                                                                                                                                                          SHA-256:53C3E7A78FC2DE0FD9BAEA7B14FBE9726F59565D2B5E8B8D96019D4C06F9B74F
                                                                                                                                                                                                                          SHA-512:AE04EBBEA631C6B03ECAE66CD1745829E54AD152989DAEB75389E600B820A106717DCC23CCA4222E8623B6FDC0FD1FA00C6D6B8DD865BCD97FB1F7B59686633F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0
                                                                                                                                                                                                                          Preview:(function(window,document,$,undefined){var EDDUH={init:function(){EDDUH.trackHistory();},trackHistory:function(){$.ajax({type:"POST",url:edduh.ajaxUrl,data:{action:'edduh_track_history',page_url:edduh.currentUrl,referrer:document.referrer},success:function(response){}}).fail(function(response){});}};EDDUH.init();})(window,document,jQuery);

                                                                                                                                                                                                                          Chrome Cache Entry: 203

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 204

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (2365), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2365
                                                                                                                                                                                                                          Entropy (8bit):4.697204613723889
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:bTk6NKAKXTSXcbwMC0OkSYzPFpDG4abZe:bNyY4+e
                                                                                                                                                                                                                          MD5:0F2F239462DBE979F168FF6361F20CC3
                                                                                                                                                                                                                          SHA1:3ADC95702536E0A3BDB56A96192B235C9782CEA4
                                                                                                                                                                                                                          SHA-256:85453727039FC1323F5F9DA51615C0244FC05EC5857B25787EFC332F5539E07D
                                                                                                                                                                                                                          SHA-512:71C901C7EAF0EC84D9DCF76B3CFDC3EF53C660DBEF452AE4A10339F49489767EF1E56349F86EDAA1C33AD6E303048B7180D7199AE7DF841B0B5CA365F7D1DC8A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1
                                                                                                                                                                                                                          Preview:.tml-login,.tml-register,.tml-social-divider,.tml-social-providers{max-width:320px}.tml-social-divider{margin:2em 0}.tml-social-divider span{display:none}ul.tml-social-providers{list-style:none;margin:0 auto;padding:0}ul.tml-social-providers li{margin:1em 0;padding:0}.tml-social-provider:after{content:'';clear:both;display:table}.tml-social-provider .tml-social-provider-icon{border-right:1px solid rgba(0,0,0,.2);display:table-cell;text-align:center;vertical-align:middle;width:2.5em}.tml-social-provider .tml-social-provider-icon img{border-radius:0;-webkit-box-shadow:none;box-shadow:none;display:inline-block;width:1.5em}.tml-social-provider .tml-social-provider-text{display:table-cell;padding-left:1em;line-height:2.5}.tml-social-providers a.tml-social-provider:link,.tml-social-providers a.tml-social-provider:visited{-webkit-box-shadow:none;box-shadow:none;border:1px solid rgba(0,0,0,.2);display:block;line-height:1;text-align:left;text-decoration:none}.tml-social-providers a.tml-social-p

                                                                                                                                                                                                                          Chrome Cache Entry: 205

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (13479)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):13577
                                                                                                                                                                                                                          Entropy (8bit):5.272065782731947
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp
                                                                                                                                                                                                                          MD5:9FFEB32E2D9EFBF8F70CAABDED242267
                                                                                                                                                                                                                          SHA1:3AD0C10E501AC2A9BFA18F9CD7E700219B378738
                                                                                                                                                                                                                          SHA-256:5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
                                                                                                                                                                                                                          SHA-512:8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
                                                                                                                                                                                                                          Preview:/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings

                                                                                                                                                                                                                          Chrome Cache Entry: 206

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):120
                                                                                                                                                                                                                          Entropy (8bit):4.992918456043586
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:HiQVmzthrp6EkD+CG7u8niQVmzthrp6EkD+CG7uhyT3XW2Cu:CQVq3v4+FS2iQVq3v4+FSAX5f
                                                                                                                                                                                                                          MD5:D349321D0A8E78A24679A1B4FB7C9FF0
                                                                                                                                                                                                                          SHA1:FE4173DCE65C16ADEABDFBCDF350B6457F5E64FD
                                                                                                                                                                                                                          SHA-256:0D6BA35BFB469B1C5DBB1A38FF90D69DC6DD1EC63F16854E97E15BFC6BCFFBA6
                                                                                                                                                                                                                          SHA-512:539DCD41FB1693470124818D352CF00CA23B6B5F3FB22F41AA81F61241E97F56FBF8C79D8DABDE33957DC4CAB425882522CD01F4BF0CB8C80644CECDC34E35B5
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAno6FrfIhOQNxIFDY3nLPUSEAngyy7BDf5kRxIFDY3nLPUSEAkSDsvm0IRkdRIFDY3nLPUSEAkdWAETn2si3BIFDY3nLPUSEAkW1UiMX0tYVRIFDY3nLPUSEAkqm5nTo5wGtBIFDY3nLPUSEAlfpX5ElFPzXxIFDYOoWz0=?alt=proto
                                                                                                                                                                                                                          Preview:CgkKBw2N5yz1GgAKCQoHDY3nLPUaAAoJCgcNjecs9RoACgkKBw2N5yz1GgAKCQoHDY3nLPUaAAoJCgcNjecs9RoAChYKFA2DqFs9GgQICRgBGgUImgEYAiAB

                                                                                                                                                                                                                          Chrome Cache Entry: 207

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (6625), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):6625
                                                                                                                                                                                                                          Entropy (8bit):5.021395915232743
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:cvtxGU52v1wAsFYM3qypqEdSmNql44UakS:cvwQ3sFWqxUaP
                                                                                                                                                                                                                          MD5:FD7EF2E4737ACD74FD0DCDC3B515E304
                                                                                                                                                                                                                          SHA1:0D792B33F12A48EE8AAAF2560A63A5682470645B
                                                                                                                                                                                                                          SHA-256:1D52E1AC7D3BC25A8B0FFC257153F9DD50249F96FE9A4DF5E0D771241A69062C
                                                                                                                                                                                                                          SHA-512:3C4358F9605F1CCE097F36689099B8364C43CC360C3D4F5CA77BE5CEE43BB818C6562496F26AD57CE44C34C474FE4CCB6DEED01A14ED259D498F5BC17F9532C7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
                                                                                                                                                                                                                          Preview:var runtime=function(t){"use strict";var e,r=Object.prototype,n=r.hasOwnProperty,o=Object.defineProperty||function(t,e,r){t[e]=r.value},i=(w="function"==typeof Symbol?Symbol:{}).iterator||"@@iterator",a=w.asyncIterator||"@@asyncIterator",c=w.toStringTag||"@@toStringTag";function u(t,e,r){return Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{u({},"")}catch(r){u=function(t,e,r){return t[e]=r}}function h(t,r,n,i){var a,c,u,h;r=r&&r.prototype instanceof v?r:v,r=Object.create(r.prototype),i=new O(i||[]);return o(r,"_invoke",{value:(a=t,c=n,u=i,h=f,function(t,r){if(h===p)throw new Error("Generator is already running");if(h===y){if("throw"===t)throw r;return{value:e,done:!0}}for(u.method=t,u.arg=r;;){var n=u.delegate;if(n&&(n=function t(r,n){var o=n.method,i=r.iterator[o];return i===e?(n.delegate=null,"throw"===o&&r.iterator.return&&(n.method="return",n.arg=e,t(r,n),"throw"===n.method)||"return"!==o&&(n.method="throw",n.arg=new TypeError("The iterator

                                                                                                                                                                                                                          Chrome Cache Entry: 208

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3224&rand=0.7777739801533385
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 209

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (15752)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):18726
                                                                                                                                                                                                                          Entropy (8bit):4.756109283632968
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:WTbvzWuPTb9Uh3o//bEPjXgA2k1efAJmpr:WX6U9Uh3o//YrXgAGfACr
                                                                                                                                                                                                                          MD5:B976B651932BFD25B9DDB5B7693D88A7
                                                                                                                                                                                                                          SHA1:7FCB7CB5C11227F9213B1E08A07D0212209E1432
                                                                                                                                                                                                                          SHA-256:4E6CE5444C7F396CEF0EB1FA3611034151E485DD06FBE5573A5583E1EEBC98C3
                                                                                                                                                                                                                          SHA-512:A241EBDCFAF153D5C2A86761145B2575CBE734B4F416ACBFAC082AE5C6EB7C706BD6CA3BC286B7E1A0F9E326729252DCB95B776750C4A3A0D81F2AA6258EA39F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:/*! This file is auto-generated */.// Source: wp-includes/js/twemoji.min.js.var twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint:function(d){d="string"==typeof d?parseInt(d,16):d;if(d<65536)return e(d);return e(55296+((d-=65536)>>10),56320+(1023&d))},toCodePoint:o},onerror:function(){this.parentNode&&this.parentNode.replaceChild(x(this.alt,!1),this)},parse:function(d,u){u&&"function"!=typeof u||(u={callback:u});return h.doNotParse=u.doNotParse,("string"==typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on")&&-1===c.indexOf(" "+f+"=")&&(c=c.concat(" ",f,'="',u[f].replace(t,r),'"'));c=c.concat("/>")}return c})}:function(d,u){var f,c,e,b,a,t,r,n,o,s,i,l=function d(u,f){v

                                                                                                                                                                                                                          Chrome Cache Entry: 210

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3199), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):3199
                                                                                                                                                                                                                          Entropy (8bit):5.389079810933085
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:fHbU7ageM1duJ91nllMi5ZObaXLTTTyUhsjKDMDTggy3AqZ0+xOGoydCyAyA:zUugBIhlMiHUkftSy6c33AqZhO+Ro
                                                                                                                                                                                                                          MD5:7948D7ACFBA6C135628BFF46DC2178D4
                                                                                                                                                                                                                          SHA1:5401B73B081718FF6BB60343AD7668C68F3780B2
                                                                                                                                                                                                                          SHA-256:774E90A51B4189C6AB5CB3BADDA2C67D60197F464E43333387651F982E6163BF
                                                                                                                                                                                                                          SHA-512:D98877F96406C14B804B7651C8265E96203B50260B824F8BA35229195E22C3FE12FC6FA8EDB68E5EA6B29B952AD04C8F0CF1C49AB2A665010E2F3CDAF868FA34
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('h.i[\'1a\']=h.i[\'z\'];h.O(h.i,{y:\'D\',z:9(x,t,b,c,d){6 h.i[h.i.y](x,t,b,c,d)},17:9(x,t,b,c,d){6 c*(t/=d)*t+b},D:9(x,t,b,c,d){6-c*(t/=d)*(t-2)+b},13:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t+b;6-c/2*((--t)*(t-2)-1)+b},X:9(x,t,b,c,d){6 c*(t/=d)*t*t+b},U:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t+1)+b},R:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t+b;6 c/2*((t-=2)*t*t+2)+b},N:9(x,t,b,c,d){6 c*(t/=d)*t*t*t+b},M:9(x,t,b,c,d){6-c*((t=t/d-1)*t*t*t-1)+b},L:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t*t+b;6-c/2*((t-=2)*t*t*t-2)+b},K:9(x,t,b,c,d){6 c*(t/=d)*t*t*t*t+b},J:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t*t*t+1)+b},I:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t*t*t+b;6 c/2*((t-=2)*t*t*t*t+2)+b},G:9(x,t,b,c,d){6-c*8

                                                                                                                                                                                                                          Chrome Cache Entry: 211

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (22480), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):22480
                                                                                                                                                                                                                          Entropy (8bit):5.07028013691561
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:r0zISO+t27Nmeq0xXwAEiZdNdsdBzmdTMZ6:r0zI5+t27NmgxXwAEibdTMw
                                                                                                                                                                                                                          MD5:B938F218B6224649802C889479F5BCE3
                                                                                                                                                                                                                          SHA1:7FF8ADDE481924355A53C164355863E195983100
                                                                                                                                                                                                                          SHA-256:2C9D50F99DEF73E67DD3DD0BCAE8C822FA972CB235B60B43E2C58553A7928D5C
                                                                                                                                                                                                                          SHA-512:D654AC5754B83FED95F4B906BC55382CE7719B85B2B8191933495897EFF6B377E5D22D9763A10B42C7D13377697CD5159A741FA4AA4044F5B973A87A7CDCE14E
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092
                                                                                                                                                                                                                          Preview:.wp-caption{max-width:100%}.wp-caption-text{}.wp-caption img{}.gallery-caption{}.bypostauthor{}.aligncenter{text-align:center}.alignleft{text-align:left}.alignright{text-align:right}aside>.widget *{max-width:100%;height:auto}#wp-calendar{width:100%}#wp-calendar tbody{text-align:center}#wp-calendar thead th,#wp-calendar tfoot td,#wp-calendar tbody td{border:1px solid #eaeaea;padding:5px;text-align:center}.widget_search button[type=submit]{border-width:2px}.sticky{font-size:16px;background-color:#ffffe0;border:3px dotted #000;padding:10px}.sticky>article{background-color:transparent}.mb-15{margin-bottom:15px}.widget_archive select{width:100%}.page-title{font-size:42px;line-height:48px;margin-bottom:.33em;margin-top:.2em}table{border-width:1px 1px 1px 0;border-color:#ededed #ededed #ededed transparent;border-style:solid solid solid none;border-collapse:collapse;border-spacing:0;margin:0 0 20px;width:100%}table th,table td{border-top:1px solid #ededed;border-left:1px solid #ededed;padding:

                                                                                                                                                                                                                          Chrome Cache Entry: 212

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (38582), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):38590
                                                                                                                                                                                                                          Entropy (8bit):5.294651497536075
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:rO70wDgKuJz+ZbNuSPlVTzkRnddaJQUky7nrTDKUgigNC1Qaa3rJBFgTsVNmlio4:w0qumBs/0Xnaiwa6ssUoqAMnwtB
                                                                                                                                                                                                                          MD5:92F8C01350C630F414F5D0B015AD6864
                                                                                                                                                                                                                          SHA1:EAB40AB4E77F92F2FB17684AAF44B579A51B8034
                                                                                                                                                                                                                          SHA-256:17B79ECE7EF9D1454A90156690D33D64387B67A7A7548FC826012512E287A937
                                                                                                                                                                                                                          SHA-512:C2D619D5CBEC24AAA5DA29A80031ECE9EE65B949F38E00E75EF6EBFFA0A38B3FD3F32F271A941D3E0D1F001B90D0A30D3A9CF342E409FE3FB75AC47A3361FF9A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
                                                                                                                                                                                                                          Preview:!function(r){"use strict";var t,e,n;e={},(n=function(r){if(e[r])return e[r].exports;var o=e[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}).m=t=[function(r,t,e){e(1),e(70),e(77),e(80),e(81),e(83),e(95),e(96),e(98),e(101),e(103),e(104),e(113),e(114),e(117),e(123),e(138),e(140),e(141),r.exports=e(142)},function(r,t,e){var n=e(2),o=e(38),a=e(62),c=e(67),i=e(69);n({target:"Array",proto:!0,arity:1,forced:e(6)((function(){return 4294967297!==[].push.call({length:4294967296},1)}))||!function(){try{Object.defineProperty([],"length",{writable:!1}).push()}catch(r){return r instanceof TypeError}}()},{push:function(r){var t=o(this),e=a(t),n=arguments.length;i(e+n);for(var u=0;u<n;u++)t[e]=arguments[u],e++;return c(t,e),e}})},function(t,e,n){var o=n(3),a=n(4).f,c=n(42),i=n(46),u=n(36),f=n(54),s=n(66);t.exports=function(t,e){var n,p,l,y=t.target,h=t.global,v=t.stat,g=h?o:v?o[y]||u(y,{}):o[y]&&o[y].prototype;if(g)for(n in e){if(p=e[n],l=t.dontCallGetSet?(l=a(g,n)

                                                                                                                                                                                                                          Chrome Cache Entry: 213

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 214

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):88751
                                                                                                                                                                                                                          Entropy (8bit):5.414296471740167
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:1536:2sHx8vawlWe2XzbStiSc6q1jboAmKum7EqIZ7d+/:2sHx8vzWe2jOtiSg1jboAmKum7EqCp+/
                                                                                                                                                                                                                          MD5:69CB7809B5011312E716F29B3D19DCE6
                                                                                                                                                                                                                          SHA1:833DABFB546D57065AEBA7190B5EE5A2428DFA47
                                                                                                                                                                                                                          SHA-256:E039E607C78306C7E029A7FD0ECDB14F86456F16E1A5CE65AA26B4FDF1D38A3C
                                                                                                                                                                                                                          SHA-512:4259C8F940CFE4B7EC384E5ABD855713DA7792A955A7B737B75E45E6559A90292ADE59D7CCAB381EA4C2D0FA5109B4ABD9BFA0887C05C9FB1A27469D5E198A69
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://m.stripe.network/out-4.5.43.js
                                                                                                                                                                                                                          Preview:var StripeM=function(e){var t={};function n(r){if(t[r])return t[r].exports;var _=t[r]={i:r,l:!1,exports:{}};return e[r].call(_.exports,_,_.exports,n),_.l=!0,_.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var _ in e)n.d(r,_,function(t){return e[t]}.bind(null,_));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=30)}([function(e,t,n){"use strict";(function(e){n.d(t,"a",(function(){retur

                                                                                                                                                                                                                          Chrome Cache Entry: 215

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):10546
                                                                                                                                                                                                                          Entropy (8bit):7.981645613160615
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:FgfiM8C7RRs0lPoxWi3WqioX2b9/5cvneVQ+kaz1fM9VUlB17:Fg97RRs0FsRiMK9RUem+hBfyVqP7
                                                                                                                                                                                                                          MD5:66FEEAE77BBAFC5DCABCD345215CD1AD
                                                                                                                                                                                                                          SHA1:414AFCFB5CE7A66E466587156181111ECB61A75C
                                                                                                                                                                                                                          SHA-256:6A59F2B8B67BCCC41C723F6D94791CC7171C3756C3E90EFAD5D898ED336FE5C9
                                                                                                                                                                                                                          SHA-512:9D2D95F6C64AD3BE3AC6C67BFA6B9422721B191F2CAD9CABAFB63371C98D3E74C21EF1DB7D40374FB62824892B455FDE138F60C0C59BBC7BF09F10996936CB23
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/uploads/30dayrefund-e1605890583229.png
                                                                                                                                                                                                                          Preview:RIFF*)..WEBPVP8L.)../+.A.u...I.?.1U.{...../....y;`.2...a.n....\:.q...=.&....z.YP:}.A.W.Wr....".CTT.#U..d..H]9!..,..%...X..y^..v.....hgkg..z9.m.m.6.{NU..$....]M'U.T..h...%A..w8.....].....Rwww..!s_F.8..\W..%.).......m.H...^v'.....m.F.,.u.UB!.....i. F..1$. .b....xg.)..7.3.Q...;w...E....f.)mC.m.w..!.m.....-A.2.XeU].B..U....+... .n..<Jn...........s...s!g......-p...b("&1...z...W.&.e.2o&L..~a..C....3.u.4[.,...".FB.[.zP.4..UdN...Y@.)Y...~3..9[.t.X.3.l.iZ.A...Ho.)Y..2....lEV./s.-j...p.....4V..P#.......B-p.J..D,...>.B..*M...3.U..J.P.....MSUL..$d,#..L.4....]0.S .......m.K......{.....Q..d/..<"&....e.P..=..lgMwM.4...'Di..bp..}..T..d;..}.f.0-.AT?.........l...).9....A..>...h%C.)-3.`..w....~oA 3..3.*.s.a.....rW^QyU].........y.!...,.....R#...x...V..Z....7=n.XG`._<...n.68.4$....Gq...*.Y..j.y.....%..XISD%W.P...Y.T.!.c._..~..w=..+...L..*Y..JB........;a..v......mx........q8."..g6s.X5..DoN..=~..J.xW;...G.g....h....nu.u...-.h......M .&.....vSj..i@.c.t(7...'.M.

                                                                                                                                                                                                                          Chrome Cache Entry: 216

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:HTML document, ASCII text, with very long lines (7698)
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2253471
                                                                                                                                                                                                                          Entropy (8bit):5.116008884877599
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:JkWwN9jfZZUcIvHaGskXyJ8FoyJ4uhZfWyJ8dIyJS0lR/2CskVA8lEgY2PwUgQfE:8N9qskXyJ+oyJMyJKIyJLK
                                                                                                                                                                                                                          MD5:FCF2E5E0D622235E3F1C30B5856464A9
                                                                                                                                                                                                                          SHA1:A78B561CF56AD769D3C76630B82C8BA75E49B16E
                                                                                                                                                                                                                          SHA-256:E11900B953EC243BB275AFCD8E3C70D7959568F55C4DC3747E40DF3D945A8AC6
                                                                                                                                                                                                                          SHA-512:FC6456E8E9B2D7FE005022B74E7626172B8AA98925E2590EA3EF75DC1F03E854374E03BC33F2E9A38A5D5EF490C20D99F53B92B1516CFD745AAB6BA7FF2CC683
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:<!DOCTYPE html>.<html. class="MktRoot". lang="en-US". data-js-controller="Page". data-page-id="Home". data-page-title="Stripe | Financial Infrastructure for the Internet". data-loading.>. <head>. <script>window.__capturedErrors = [];.window.onerror = function (message, url, line, column, error) { __capturedErrors.push(error); };.window.onunhandledrejection = function(evt) { __capturedErrors.push(evt.reason); }.</script>.<meta. name="sentry-config". data-js-dsn="https://7cd38b0eb2b348b39a6002cc768f91c7@errors.stripe.com/376". data-js-release="ee16eaaf1af650637ec783a94c73fe5e49affc51". data-js-environment="production". data-js-project="mkt".>.. <meta name="experiment-treatments" content="wpp_site_mobile_header_nav_redesign_v2.control.ursula.4094ca39-f40a-425f-9836-43504fad5966.a,acquisition_start_now_copy_change.treatment_get_started.ursula.c791833c-8514-4699-9b8c-23391800b06e.a,acquisition_mobile_sticky_nav_cta.control.ursula.d6a74f11-425a-4d84-9b9f-6dca6ebb4c71.m,acqu

                                                                                                                                                                                                                          Chrome Cache Entry: 217

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (2037)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):5705
                                                                                                                                                                                                                          Entropy (8bit):5.215307527153416
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:7BKV92E2UtAHfUxKetKkXm/Hw5BjmhLgVo/KM9389xp98JrVKol:7kftZAH8w/kGWkD/5a9xDyxKw
                                                                                                                                                                                                                          MD5:91966F4FA26A336B323F26DF56340880
                                                                                                                                                                                                                          SHA1:A751AB49ECEB896336E144B9EFE92706FC451ECC
                                                                                                                                                                                                                          SHA-256:69F3BA8224AD36FDE400BFAC6CEEAB632AC179A9C408E1384892DA18AFEDCCA3
                                                                                                                                                                                                                          SHA-512:C8F2E9EEDC0ED3D1B05EDC9E161C8EB3F1CDD10E69E906C5859A2768D41B56AEF9A3FF6BE4DC44A0EE210A32486FDEFADE374658403547CCC2642D663D2688CC
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/js/custom.js?ver=20231102
                                                                                                                                                                                                                          Preview:(function($){'use strict';$.fn.scrollTo=function(options){var settings={offset:-60,speed:'slow',override:null,easing:null};if(options){if(options.override){options.override=(override('#')!=-1)?options.override:'#'+options.override;}.$.extend(settings,options);}.return this.each(function(i,el){$(el).click(function(e){var idToLookAt;if($(el).attr('href').match(/#/)!==null){e.preventDefault();idToLookAt=(settings.override)?settings.override:$(el).attr('href');if(history.pushState){history.pushState(null,null,idToLookAt);$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing);}else{$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing,function(e){window.location.hash=idToLookAt;});}}});});};$('#GoToHome, #GoToFeatures, #GoToDesc, #GoToGallery, #GoToPricing, #GoToTestimoni, #GoToContact, .GoToto,.GoTo a').scrollTo({speed:1400});var headerWrapper=parseInt($('.navbar').he

                                                                                                                                                                                                                          Chrome Cache Entry: 218

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.607764172633884
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 219

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (11256), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):11256
                                                                                                                                                                                                                          Entropy (8bit):5.010537766861896
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:xthsVmeDXDanvgZenjAJKdXSMpNO96hDIzL79V1QVSD1CNxn6fR31r:czDanvuenjAkNBhDInSwh31r
                                                                                                                                                                                                                          MD5:2B0DD7EECEA03B4BDEDB94BA622FDB03
                                                                                                                                                                                                                          SHA1:703BECBA85161118DD6FC66AF465428EF43F561C
                                                                                                                                                                                                                          SHA-256:B7908A015A567EC2363011DF2475368DBFF34360E9DA3FDFF50604D6395FB646
                                                                                                                                                                                                                          SHA-512:FE64CFF950921BDF83EC09FE79CA5CE52DE40F5B8788697EB1D7B28055F2817778347D5D3C81A324801C7EC7151B3EE0EEE99B2882C3C3B10BD760342D3BF3E7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
                                                                                                                                                                                                                          Preview:.mejs-offscreen{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal}.mejs-container{background:#000;font-family:Helvetica,Arial,serif;position:relative;text-align:left;text-indent:0;vertical-align:top}.mejs-container,.mejs-container *{box-sizing:border-box}.mejs-container video::-webkit-media-controls,.mejs-container video::-webkit-media-controls-panel,.mejs-container video::-webkit-media-controls-panel-container,.mejs-container video::-webkit-media-controls-start-playback-button{-webkit-appearance:none;display:none!important}.mejs-fill-container,.mejs-fill-container .mejs-container{height:100%;width:100%}.mejs-fill-container{background:transparent;margin:0 auto;overflow:hidden;position:relative}.mejs-container:focus{outline:none}.mejs-iframe-overlay{height:100%;position:absolute;width:100%}.mejs-embed,.mejs-embed body{background:#000;height:100%;margin:0;over

                                                                                                                                                                                                                          Chrome Cache Entry: 220

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (7857), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):7857
                                                                                                                                                                                                                          Entropy (8bit):5.0400341097316
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:DYWNsFrA2HSSHC6HiUQ2xYXNnk0cG9x73W35cZoZO1QtRU2oG:DY0sFs3uKugaEG
                                                                                                                                                                                                                          MD5:74B22170180EFE7793BDFE46D0E3B154
                                                                                                                                                                                                                          SHA1:FA57DE736CB7A4E201FEFD81DFDA7BD6AAEB47BB
                                                                                                                                                                                                                          SHA-256:1B4FA08596005CF08763C9DB009D91A22C7427321A31E8A596DEFC5273C01C3A
                                                                                                                                                                                                                          SHA-512:5C0DE79F53787C23DD4D0AF806D4D552E16E1D9E1036A0A220909952B05D8907989FE45F53662F485D599D160C921F8E3C9736C9B9FFD6F49AD4B454C2A35FB9
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:@media screen and (min-width:783px){.admin-bar .navbar-fixed-top{top:32px}}@media screen and (min-width:600px) and (max-width:782px){.admin-bar .navbar-fixed-top{top:46px}}.cth-single img{max-width:100%;height:auto}.cth-pagecontent img{max-width:100%;height:auto}.meminz_main-nav>li.current-menu-parent>a,.meminz_main-nav>.open>a.dropdown-toggle,.meminz_main-nav>.open>a.dropdown-toggle:hover,.meminz_main-nav>.open>a.dropdown-toggle:focus{background-color:#2e2e2e!important}.meminz_main-nav ul.dropdown-menu{padding:0}.meminz_main-nav ul.dropdown-menu>li{background-color:#2e2e2e;padding:0}.meminz_main-nav ul.dropdown-menu>li>a{padding:15px}.meminz_main-nav ul.dropdown-menu>li>a:hover,.meminz_main-nav ul.dropdown-menu>li>a:focus{background-color:transparent}.meminz_main-nav ul.dropdown-menu>li.active>a{background-color:transparent}h3.comment-reply-title{font-size:24px;line-height:30px;margin-left:15px}#regpreloader,#logpreloader{display:none}.alert-box{color:#da9221}.modal-open{overflow:hidd

                                                                                                                                                                                                                          Chrome Cache Entry: 221

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (31650)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):208904
                                                                                                                                                                                                                          Entropy (8bit):5.2296833688625854
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:1536:SAr2MRCqwU5uX8eP/OC/O8KWsCFAGYaHNe82wM/jFbJPFmT+VsWf5+8O1y6wFgu5:sMQP/H/5KWsCCVkVsFP+V4r
                                                                                                                                                                                                                          MD5:491E821BCBD37C426386A904A58E40AD
                                                                                                                                                                                                                          SHA1:6C12B00C0FC8D94C838B47C659C7B7F3BDDD726A
                                                                                                                                                                                                                          SHA-256:5411B2CDD0750AD5ECE5F6F922100CEF462D43127809CE5B6ACD5E1B2F21D2A5
                                                                                                                                                                                                                          SHA-512:DFC23C777A73F1C7D1423A9CC89E7629D7831EF62A169F328CA08B4287CD8839B884680D2D7FE90E59446E7010538CAED59E28AC29A83D4DB856655952A0F74A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:/*!. * Bootstrap v3.2.0 (http://getbootstrap.com). * Copyright 2011-2014 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transition&&(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(b){return a(b.target).is(this)?b.handleObj.handler.apply(this,arguments):void 0}}

                                                                                                                                                                                                                          Chrome Cache Entry: 222

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1536), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):1536
                                                                                                                                                                                                                          Entropy (8bit):5.183165338359982
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24:c1GuMxRRY5vkVtyXVERHG+nRp8wMkRN8jG5okSeaKMj4fd8+/qUCjTX:aGhxU5mcKnRiknEySwfd8+/qUGb
                                                                                                                                                                                                                          MD5:118EDCCFEC036BFE34D6BDAFF6DACBFD
                                                                                                                                                                                                                          SHA1:E3DD5274D03F0A11DDF0FAA444DD777D282419AE
                                                                                                                                                                                                                          SHA-256:7EF7E3FA3B814AA895E747632BD2BA963804FC40D3239EA2959849D392CCE429
                                                                                                                                                                                                                          SHA-512:6139180695FA6BF3E3774C748C8FCDAE8B301946F99044A410CF20C1E2B288102BCD48DCC3D90BE62D30ED24E5D32E6D2BF8A0A17763FBF88658029CF34A25D6
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
                                                                                                                                                                                                                          Preview:!function(){var e,t,i,o=document.cookie.replace(/(?:(?:^|.*;\s*)eucookielaw\s*\=\s*([^;]*).*$)|^.*$/,"$1"),n=document.getElementById("eu-cookie-law"),s=document.querySelector(".widget_eu_cookie_law_widget"),a=s&&s.hasAttribute("data-customize-widget-id");if(null!==s&&null!==n){if(e=function(){return Math.abs(document.body.getBoundingClientRect().y)},n.classList.contains("top")&&s.classList.add("top"),n.classList.contains("ads-active")){var c=document.cookie.replace(/(?:(?:^|.*;\s*)personalized-ads-consent\s*\=\s*([^;]*).*$)|^.*$/,"$1");""===o||""===c||a||n.parentNode.removeChild(n)}else""===o||a||n.parentNode.removeChild(n);document.body.appendChild(s),n.querySelector("form").addEventListener("submit",l),n.classList.contains("hide-on-scroll")?(t=e(),i=function(){Math.abs(e()-t)>50&&l()},window.addEventListener("scroll",i)):n.classList.contains("hide-on-time")&&setTimeout(l,1e3*n.getAttribute("data-hide-timeout"));var d=!1}function l(e){if(!d){d=!0,e&&e.preventDefault&&e.preventDefault(

                                                                                                                                                                                                                          Chrome Cache Entry: 223

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 224

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3661), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):3661
                                                                                                                                                                                                                          Entropy (8bit):4.6987663121730785
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:HD95ltbkbW2WkA8S2u5Z+ss2utg2Cbcjkkvv+ss2E95lXYptg2H795lvPG:j9BbkbSX5ZojkkXm9rM9S
                                                                                                                                                                                                                          MD5:13D15804666B3CFE5DA52BD01AFEF780
                                                                                                                                                                                                                          SHA1:6D3120964389BE3E5062E920734FBDE12355FA57
                                                                                                                                                                                                                          SHA-256:E33C9A9C34C4E9A6FDD1B301A2C0E4CA0EA4FE4DD66DF283E07189F5518BD5CB
                                                                                                                                                                                                                          SHA-512:983750BABE137AF4642B2BABF9D12F56F33CF7A8329C46F7E694D928B2C6715B32B125BC8BAD6D6A34B7061FCBF174AA750371F099A2822589D1F3C7038F918D
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:a,a:focus,a:hover,a:active,.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .navbar-nav .dropdown.active a:hover,.navbar-default .navbar-nav .active a:focus,.navbar-default .navbar-nav .dropdown.active a:focus,.icon-counter:hover,.social-network a:hover,.social-network a:focus,.social-network a:active,.pe-feature,.accordion-heading a:hover i,.wpb_accordion_header a:hover i,.counter-number,.pricing-head.popular .pricing-price,.validation,.widget_nav_menu>div>ul li a:hover,.widget_rss>ul li a:hover,.widget_recent_comments>ul li a:hover,.widget_recent_entries>ul li a:hover,.widget_meta>ul li a:hover,.widget_archive>ul li a:hover,.widget_pages>ul li a:hover,.widget_categories>ul li a:hover,.recent li h6 a:hover,.pagination>li>a,.pagination>li>a:hover,.media h4.media-heading a:hover,.wpt-tabs>li>a,.wpt-tabs>li>a:hove

                                                                                                                                                                                                                          Chrome Cache Entry: 225

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 226

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1784&rand=0.7880681605956541
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 227

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (374)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):508
                                                                                                                                                                                                                          Entropy (8bit):4.970460111761285
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12:zUW7SmaGOdMI32O3RaDRhkZQy1Er3I7sKBuylcZ1nedKYCx:zUW7naZFCkZQy1EDIAKBuRZ1nOKYCx
                                                                                                                                                                                                                          MD5:F35843BE4D3B337945EE7176358DDE94
                                                                                                                                                                                                                          SHA1:80FDBE049F5084801A4FBB7F74DF509FD0033018
                                                                                                                                                                                                                          SHA-256:D5CEDB938B4B9C83A8873860B4BF49FAD6BC1799B49987BE3CF1FD479868842F
                                                                                                                                                                                                                          SHA-512:6B44D5CA2CF6677A9EFE814804529BC1A18626F81C35F32913DA257B1C4C405DB80E056D34B085F1B949E5A7FA20A5F03ECBA2E95EE6A12154BD5064F2CD8C2D
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:jQuery(function($){var nextgen_fancybox_init=function(){var selector=nextgen_lightbox_filter_selector($,$(".ngg-fancybox"));window.addEventListener("click",e=>{let $target=$(e.target);if($target.is(selector)||$target.parents('a').is(selector)){e.preventDefault();$(selector).fancybox({titlePosition:'inside',onComplete:function(){$('#fancybox-wrap').css('z-index',10000);}}).$target.trigger('click.fb');e.stopPropagation();}},true)};$(window).on('refreshed',nextgen_fancybox_init);nextgen_fancybox_init();});

                                                                                                                                                                                                                          Chrome Cache Entry: 228

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):617324
                                                                                                                                                                                                                          Entropy (8bit):5.359554327329689
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12288:rw83V1fW6g2SD6aLdLZLxLH98sDPbkPjBX1D+/jTBh86RVqnvcRfE3E3mEAoVil8:Uz3Z0y3qI
                                                                                                                                                                                                                          MD5:2692EAB1E562BACEE19AB5E8F3B0B448
                                                                                                                                                                                                                          SHA1:9062A40194A89578319A6271FD346BBE563FC61F
                                                                                                                                                                                                                          SHA-256:8EF02E291BE1F7804AE4DD3C30E6395A5FD555B1E07F145F415CDF0075028D18
                                                                                                                                                                                                                          SHA-512:9366D92BBE13D77EF77D532A8A9BBC968601F77F3F88443AE1C0AA6DB53340C74260FC71081F14BC4392CBD0D19C1B89F2C36C239172C5E149C34EC166DD8509
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://js.stripe.com/v3/?ver=v3
                                                                                                                                                                                                                          Preview:!function(){function e(t){var n=o[t];if(void 0!==n)return n.exports;var i=o[t]={id:t,loaded:!1,exports:{}};return r[t](i,i.exports,e),i.loaded=!0,i.exports}var t,n,r={723:function(e,t,n){"use strict";function r(e){l.length||(a(),!0),l[l.length]=e}function o(){for(;d<l.length;){var e=d;if(d+=1,l[e].call(),d>1024){for(var t=0,n=l.length-d;t<n;t++)l[t]=l[t+d];l.length-=d,d=0}}l.length=0,d=0,!1}function i(e){return function(){function t(){clearTimeout(n),clearInterval(r),e()}var n=setTimeout(t,0),r=setInterval(t,50)}}e.exports=r;var a,c,s,u,l=[],d=0,p=void 0!==n.g?n.g:self,m=p.MutationObserver||p.WebKitMutationObserver;"function"==typeof m?(c=1,s=new m(o),u=document.createTextNode(""),s.observe(u,{characterData:!0}),a=function(){c=-c,u.data=c}):a=i(o),r.requestFlush=a,r.makeRequestCallFromTimer=i},5937:function(e,t,n){e.exports=n.p+"fingerprinted/img/abnamro-4445e65420800f96f68cfc67a273f66b.svg"},1520:function(e,t,n){e.exports=n.p+"fingerprinted/img/asn-3d9b1bbff2f8f12105510992dbb37ae8.svg

                                                                                                                                                                                                                          Chrome Cache Entry: 229

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):126
                                                                                                                                                                                                                          Entropy (8bit):4.581458664403255
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:4BAG1HQvYKieo9y2UYs2G1W5HPSM9:42GApaU0Gc5qM9
                                                                                                                                                                                                                          MD5:A91E105C444648F868EBAEB8A1D72581
                                                                                                                                                                                                                          SHA1:9544022B30937034924D8E5937C50046F194AC8A
                                                                                                                                                                                                                          SHA-256:8DDEA4EA676FBD039FBB1D849DA7A67B095D50C85C3F981F6445743C2BE218C6
                                                                                                                                                                                                                          SHA-512:CAD19A4C2DF985F93181CB367B6661679EC73467A666E04FFE8F2678074DEF703E446C36200A351DF47B24DC201ABF873627B4031EA7DBE20477F328A6A8FB8F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1
                                                                                                                                                                                                                          Preview:.edd-multi-currency-selector-buttons form{display:flex;flex-wrap:wrap;gap:5px}.edd-multi-currency-button--selected{opacity:.6}

                                                                                                                                                                                                                          Chrome Cache Entry: 230

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4115), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):4115
                                                                                                                                                                                                                          Entropy (8bit):5.1849391170315355
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:N7unreGFjzPln6cAzVm9I7tUryZjMPYqiyhcyI9qx4qQ3RYiwbVWmy2X0AgBt2X6:IFvPUhvjeHiyixgQOFfEAgWx32jGAJ
                                                                                                                                                                                                                          MD5:B9C6E602D7076C23CA0063AEE70ABAC9
                                                                                                                                                                                                                          SHA1:3F983AEA238061AC8BC45DF8C74A42655360CFCB
                                                                                                                                                                                                                          SHA-256:59F626902CEE1EC6ADD9C9AC20AE2BE6F2E39F4F821A550B73BBA584B9D87E03
                                                                                                                                                                                                                          SHA-512:A62190E7320D1E8F80E518B4166A9BCC2C6CB8CB45105C39D8312D65D7463AB0549934D589819DE44B959D6267DC6DF6A46F875ADB60E49E19B6AC9D7C8A71CF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/jetpack/_inc/blocks/subscriptions/view.js?minify=false&ver=13.3.1
                                                                                                                                                                                                                          Preview:(()=>{var e={63166:(e,t,r)=>{"use strict";r.d(t,{K4:()=>n});let o="";function s(e){if("https://subscribe.wordpress.com"===e.origin&&e.data){const t=JSON.parse(e.data);if(t&&t.result&&t.result.jwt_token&&(o=t.result.jwt_token,a(o)),t&&"close"===t.action&&o)window.location.reload(!0);else if(t&&"close"===t.action){window.removeEventListener("message",s);document.getElementById("memberships-modal-window").close(),document.body.classList.remove("modal-open")}}}function n(e){document.body.classList.add("modal-open");const t=document.getElementById("memberships-modal-window");t&&document.body.removeChild(t);const r=document.createElement("dialog");r.setAttribute("id","memberships-modal-window");const o=document.createElement("iframe"),n=document.querySelector('input[name="lang"]');let a=null;n&&(a=n.value),o.setAttribute("id","memberships-modal-iframe"),o.innerText="This feature requires inline frames. You have iframes disabled or your browser does not support them.",o.src=e+"&display=altern

                                                                                                                                                                                                                          Chrome Cache Entry: 231

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1162), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):1162
                                                                                                                                                                                                                          Entropy (8bit):4.960638824017214
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24:PGqJT5xJTF7jJY0iDDayDQeIxJsYNBx5v:PGqJHJR7jJYdD2yD3IxKYNBx5v
                                                                                                                                                                                                                          MD5:75D36CE6FEA7DA47D1BF435453334FF9
                                                                                                                                                                                                                          SHA1:AD7E2832DBAE78AC653C4DED3E9F4E643ACD1BED
                                                                                                                                                                                                                          SHA-256:F77676010AF045F74F15412F1CA9B418478066304101556281C5B4E162932525
                                                                                                                                                                                                                          SHA-512:CCD040E82FDC6D655FB4E000F50D7B178EB84C1149ACC24D7CA75F29842B76399E748C45B9C0DC7C2057194ED9A0F07EA8B46DAA9B79CAF38E63EDB740A9956A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7
                                                                                                                                                                                                                          Preview:.tml{font-size:1em}.tml *{box-sizing:border-box}.tml .tml-field-wrap{margin-bottom:1em}.tml .tml-label{display:block;margin:.5em 0}.tml .tml-checkbox+.tml-label{display:inline}.tml .tml-field{width:100%}.tml .tml-description{display:block;font-size:.85em;font-style:italic;margin:.5em 0}.tml .tml-errors,.tml .tml-messages{list-style:none;margin:0;padding:0}.tml .tml-action-confirmaction .success,.tml .tml-error,.tml .tml-message,.tml .tml-success{border-left:4px solid #00a0d2;box-shadow:1px 1px 2px 1px rgba(0,0,0,.1);display:block;margin:0 0 1em;padding:.75em}.tml .tml-error{border-left-color:#dc3232}.tml .tml-action-confirmaction .success,.tml .tml-success{border-left-color:#46b450}#pass-strength-result{background-color:#eee;border:1px solid #ddd;color:#23282d;font-weight:700;opacity:0;margin-bottom:1em;padding:.5em}#pass-strength-result.strong{background-color:#c1e1b9;border-color:#83c373;opacity:1}#pass-strength-result.good{background-color:#ffe399;border-color:#ffc733;opacity:1}#pas

                                                                                                                                                                                                                          Chrome Cache Entry: 232

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):294
                                                                                                                                                                                                                          Entropy (8bit):4.909632098329449
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6:fF2wyfwsitnGAmXf93EgWGC8WGswt5iaT7sFnogs0r98FWXTor:tIIt5GzXfh8XH0waTcRr98Ai
                                                                                                                                                                                                                          MD5:F874163B22CE10B81621D777D104AA34
                                                                                                                                                                                                                          SHA1:73FA6509C6F6420536B714F1E27396D1C981E5B1
                                                                                                                                                                                                                          SHA-256:D922FC2FC26115FB47F3089F0C7947CD13A8FBA5D6184ADD1CE465DA07763A3F
                                                                                                                                                                                                                          SHA-512:058CC308C2CACB28F7BD56D2966AD4868AE13B7CB292E64F4ABB9AFE592673A1BA6E06BC606B57CF4978F1A5E3503F2E7A7A23245452618D12047F4F1BB866F7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.12
                                                                                                                                                                                                                          Preview::root {..--edd-blocks-light-grey: #eee;.}...screen-reader-text {..border: 0;..clip: rect(1px, 1px, 1px, 1px);..-webkit-clip-path: inset(50%);..clip-path: inset(50%);..height: 1px;..margin: -1px;..overflow: hidden;..padding: 0;..position: absolute;..width: 1px;..word-wrap: normal !important;.}.

                                                                                                                                                                                                                          Chrome Cache Entry: 233

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 234

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (317)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):774
                                                                                                                                                                                                                          Entropy (8bit):4.88213657489483
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12:AcSmaGXkoobkoorkooW/32NU/Fv2Jfe1qXy9Q17TF17s1TI7vYLOcIYLYm75O82T:VnX5I5k5QmO9e1iyATjwnLrls9p4TY
                                                                                                                                                                                                                          MD5:2BAAAD1DEAF5836BA082ADC3E8CA2793
                                                                                                                                                                                                                          SHA1:59DCD4726297A08027A41035F9464CECCC03196F
                                                                                                                                                                                                                          SHA-256:DDA62E985647B4B8CA10D82DAAAFD193169F24ECA5FB3433FDFE605C5F645555
                                                                                                                                                                                                                          SHA-512:02A7F9E580A9F1AE263A41107E307A49FC31E12AAB2AD36EC8F27301BC04BA3E7445198E074EB87D611FCE297F1D9FE605E2CF158C1763F056561F07B253BDE7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:function nextgen_lightbox_filter_selector($,selector).{if(nextgen_lightbox_settings&&nextgen_lightbox_settings.context){var context=nextgen_lightbox_settings.context;if(context=='all_images'){selector=selector.add($('a > img').parent());}.else if(context=='all_images_direct'){selector=selector.add($('a[href] > img').parent().filter(function(){var href=$(this).attr('href').toLowerCase();var ext=href.substring(href.length-3);var ext2=href.substring(href.length-4);return(ext=='jpg'||ext=='gif'||ext=='png'||ext2=='tiff'||ext2=='jpeg'||ext2=='webp');}));}.else if(context=='nextgen_and_wp_images'){selector=selector.add($('a > img[class*="wp-image-"]').parent());}.selector=selector.not('.gallery_link');selector=selector.not('.use_imagebrowser_effect');}.return selector;}

                                                                                                                                                                                                                          Chrome Cache Entry: 235

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4119&rand=0.6201211102575397
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 236

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:PNG image data, 284 x 1, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):147
                                                                                                                                                                                                                          Entropy (8bit):6.251894708561177
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:yionv//thPkQJ8NsyxL3BWWbj2vUMPP8p8pHIvMCX664klllsg1p:6v/lhPkQ+NsyhxWWbCXa8ZILrplVp
                                                                                                                                                                                                                          MD5:BEBD92A0383F89B9A054A6105C2505DB
                                                                                                                                                                                                                          SHA1:46AF38517F25DB472559591E3B4C590EB9305DBA
                                                                                                                                                                                                                          SHA-256:889EA07BDBC7C660C5D6227693EAC900DEAD21BEBAFBE74529B9B368B792CED8
                                                                                                                                                                                                                          SHA-512:0C291D2C60305031294E5BF96FC3D0ABDDC23AB4B0AB3F34DFDF887904D555BEAAB4D59A4B3075B8A990CF55FAAB02C5E33E3E8917DFA7861BE45A24F062D716
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:.PNG........IHDR...................ZIDATx.....0....._..h......u..I..X..5a.:.*..z{.W....<.J..[.z..9.f..C.Mw... ...h.n..g.F...[;.c.h)....IEND.B`.

                                                                                                                                                                                                                          Chrome Cache Entry: 237

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 238

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 239

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65358)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):464668
                                                                                                                                                                                                                          Entropy (8bit):4.92360139714976
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3072:QRXlvmKEB1FJ8iJc0E/aCeLYtz+RJwKZ1kkUSbxhJwdO8BEo2HwSMxnp5ANdl0gv:QRXC8/0h
                                                                                                                                                                                                                          MD5:FB5F518EB9199B22350C111C413F066F
                                                                                                                                                                                                                          SHA1:49BAA6BD0902CC4ABB5EE499725084ABD5FBE525
                                                                                                                                                                                                                          SHA-256:CAAD2ECF2E37F3007E63C118A4C26A9CC26A62C495FBDD4B9D20E55BC89052D9
                                                                                                                                                                                                                          SHA-512:CF3B2784EF33FFC3461BD7F48EA3E2C24607ACB87597444F94DFD888F7F8DBC7D64AD9ABF1F9C2A99EED1393D43A3A536B000BEABD757D69E92E4CD6B3E2B0F4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6
                                                                                                                                                                                                                          Preview:/*!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2024 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */...vc_row:after,.vc_row:before{content:" ";display:table}.vc_row:after{clear:both}@media (max-width:767px){.vc_hidden-xs{display:none!important}}@media (min-width:768px) and (max-width:991px){.vc_hidden-sm{display:none!important}}@media (min-width:992px) and (max-width:1199px){.vc_hidden-md{display:none!important}}@media (min-width:1200px){.vc_hidden-lg{display:none!important}}.vc_non_responsive .vc_row .vc_col-sm-1{position:relative;float:left;width:8.33333333%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-2{position:relative;float:left;width:16.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-3{position:relative;float:left;width:25%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col

                                                                                                                                                                                                                          Chrome Cache Entry: 240

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (415)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2782
                                                                                                                                                                                                                          Entropy (8bit):5.171696106446853
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:ZVeKD0yFFL4V0JJmHB0xOtxODzX2asXz2asiuw6OLnXpcvHbhJuLufSk+:X9ZJ4yvOjO2LXaLiuoL+gLuaB
                                                                                                                                                                                                                          MD5:D9DF4BC08617F73FE4254C9448ED4F3C
                                                                                                                                                                                                                          SHA1:4F5DA30B23C72A847D480856B139E05692F3944D
                                                                                                                                                                                                                          SHA-256:FA5FCE5A6A7B4E4595EFE09FFE10D21967C3FB6DD0A6CD5E05CCBAF2F736C477
                                                                                                                                                                                                                          SHA-512:0ED912C15313255C3FF205FE55BC7AD5B768D5C800C97FAEAB75B0B932F6F0ED41FE5859675E60219D3DFDAACD8A48970F8FC23AB877A97CD1400FDB87E43A87
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:// TODO: This file can be removed once the minimum Pro API version is 4.0.EasyCookie=(function(){var EPOCH='Thu, 01-Jan-1970 00:00:01 GMT',RATIO=1000*60*60*24,KEYS=['expires','path','domain'],esc=escape,un=unescape,doc=document,me;var get_now=function(){var r=new Date();r.setTime(r.getTime());return r;}. var cookify=function(c_key,c_val){var i,key,val,r=[],opt=(arguments.length>2)?arguments[2]:{};r.push(esc(c_key)+'='+esc(c_val));for(i=0;i<KEYS.length;i++){key=KEYS[i];if(val=opt[key]). r.push(key+'='+val);}. if(opt.secure). r.push('secure');return r.join('; ');}. var alive=function(){var k='__EC_TEST__',v=new Date();v=v.toGMTString();this.set(k,v);this.enabled=(this.remove(k)==v);return this.enabled;}. me={set:function(key,val){var opt=(arguments.length>2)?arguments[2]:{},now=get_now(),expire_at,cfg={};if(opt.expires){opt.expires*=RATIO;cfg.expires=new Date(now.getTime()+opt.expires);cfg.expires=cfg.expires.toGMTString();}. var keys=['path','dom

                                                                                                                                                                                                                          Chrome Cache Entry: 241

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 242

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (875)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2726
                                                                                                                                                                                                                          Entropy (8bit):4.915026808829665
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:qM+xo+mvbAB8MNshxFqYkMr4MlMKl5ZBVPcfvleBRpsHxFqluxFhxAvw/ycp9l:FZvbAyMNMxsTy42lPE30BXKxsluxuw/1
                                                                                                                                                                                                                          MD5:00A8C0F92F46546F8C6E1B7E81BA5C4C
                                                                                                                                                                                                                          SHA1:C06F28F34158263BA653E3B03B95A3DCED83E242
                                                                                                                                                                                                                          SHA-256:DFA950382763457A05CBC2E4931726EB78F59C1A2E51C203F0053220F27349E6
                                                                                                                                                                                                                          SHA-512:FCDE357CCED15E3FDF17BAA9D732E7DE9278994C0B008A18BE58DD8183EA0ADAB4437C48DD135AAB443A8FB2D54901D0D2158453E51435451BD8DA6A8B702FD5
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3
                                                                                                                                                                                                                          Preview:var edd_scripts;jQuery(document).ready(function($){$('.edd_subscription_cancel').on('click',function(e){if(confirm(edd_recurring_vars.confirm_cancel)){return true;}.return false;});$('.edd_download_purchase_form').each(function(){var form=$(this);if(form.find('.edd-cp-container').length&&form.find('.edd_price_options').length){var terms=form.find('.eddr-custom-terms-notice');var signup_fee=form.find('.eddr-custom-signup-fee-notice');terms.prev().append(terms);signup_fee.prev().append(signup_fee);terms.show();signup_fee.show();}else if(form.find('.edd-cp-container').length){form.find('.edd_cp_price').keyup(function(){form.find('.eddr-terms-notice,.eddr-signup-fee-notice').hide();form.find('.eddr-custom-terms-notice,.eddr-custom-signup-fee-notice').show();});}});$('#edd_purchase_form').on('focusout','#edd-email',function(){if('undefined'==edd_scripts){return;}.if(!edd_recurring_vars.has_trial){return;}.var email=$(this).val();var product_ids=[];$('body').find('.edd_cart_item').each(funct

                                                                                                                                                                                                                          Chrome Cache Entry: 243

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1960&rand=0.9310427983388707
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 244

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):200
                                                                                                                                                                                                                          Entropy (8bit):4.942373347667344
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:qTkIDZxVsJYkup3XyHFeTrAyTKTWKMrBKblbJ4ZNDpVbz2USrGXI9kBbZ6iF4:qTjxVgYkYv3J/14QpcUAVuB965
                                                                                                                                                                                                                          MD5:3437AADDCDF6922D623E172C2D6F9278
                                                                                                                                                                                                                          SHA1:F69066CF20141AC93418102D3EEE7C0225B8A623
                                                                                                                                                                                                                          SHA-256:35DCC382EB69D00369D708708CDC545F3968B68FA5BBE3E728D11FEDD04F93BB
                                                                                                                                                                                                                          SHA-512:2DAE5C5C30C6A0E763D8128F2CE1D467EAD432E582AB4EBB68E23991DB08F57490ABC0EED805FD33FAB5503C1737D9D47D4CC1090AE15D7391593FBB295D66E7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
                                                                                                                                                                                                                          Preview:<!doctype html><html><head><meta charset="utf-8"/><script defer="defer" src="https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js"></script></head><body></body></html>

                                                                                                                                                                                                                          Chrome Cache Entry: 245

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1943&rand=0.41106217824244795
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 246

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (511)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):1179
                                                                                                                                                                                                                          Entropy (8bit):5.234694297955699
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24:2Iet77PIXA4YIVZqIpPDovaJJaRRNzsIl1l+V7MI+dG9RbiiVwzkI1E:tet7DMAfpKMoJathoMNdKNeoIC
                                                                                                                                                                                                                          MD5:D2C7D23AE1C26DA6614FCAA412C92256
                                                                                                                                                                                                                          SHA1:51FEAD35895BBC93E08CC05896A2B08DBC6D8839
                                                                                                                                                                                                                          SHA-256:E6563635F5AC513E588DE6D7B8ECBBEEE70FE3FF0E88FA09BB22A6821EBF7833
                                                                                                                                                                                                                          SHA-512:7B78CFEE4CB120C2D8C507A90C1D8DAD027B56A588469261AB47702AF3EA731D5A3251E4DA22CF278BB816C5E94AEFF8259837227A13E9310EE9257B903D5EC7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/js/anchor-offset.js?ver=2
                                                                                                                                                                                                                          Preview:(function(document,history,location){var HISTORY_SUPPORT=!!(history&&history.pushState);var anchorScrolls={ANCHOR_REGEX:/^#[^ ]+$/,OFFSET_HEIGHT_PX:75,init:function(){this.scrollToCurrent();window.addEventListener('hashchange',this.scrollToCurrent.bind(this));document.body.addEventListener('click',this.delegateAnchors.bind(this));},getFixedOffset:function(){return this.OFFSET_HEIGHT_PX;},scrollIfAnchor:function(href,pushToHistory){var match,rect,anchorOffset;if(!this.ANCHOR_REGEX.test(href)){return false;}.match=document.getElementById(href.slice(1));if(match){rect=match.getBoundingClientRect();anchorOffset=window.pageYOffset+rect.top-this.getFixedOffset();window.scrollTo(window.pageXOffset,anchorOffset);if(HISTORY_SUPPORT&&pushToHistory){history.pushState({},document.title,location.pathname+href);}}.return!!match;},scrollToCurrent:function(){this.scrollIfAnchor(window.location.hash);},delegateAnchors:function(e){var elem=e.target;if(elem.nodeName==='A'&&this.scrollIfAnchor(elem.getAtt

                                                                                                                                                                                                                          Chrome Cache Entry: 247

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (8171), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):8171
                                                                                                                                                                                                                          Entropy (8bit):5.072859919696532
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:wRNh5qCAj4ZKBOZi9pFdInflm7ukrLjS9f89dmpb:wRrfViT685kfX
                                                                                                                                                                                                                          MD5:DDA652DB133FDDB9B80A05C6D1B5C540
                                                                                                                                                                                                                          SHA1:60C8514C57A5DB2980C4B046B0DD479BD427357B
                                                                                                                                                                                                                          SHA-256:C1A9A3E223BAD631DFF12D33B5499EB145CB08D8621C20D9D73870E78D97AFE4
                                                                                                                                                                                                                          SHA-512:05CB3673448A79AA81887C60A82ABA51F9A843DC13AB4FC39B3E6D8AE7D632732D9AFEFAF72FC3D197C2795A3364FDFD4F83C9B628644D98F1C9017BFD435E62
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
                                                                                                                                                                                                                          Preview:!function(e){"object"==typeof exports&&"undefined"!=typeof module||"function"!=typeof define||!define.amd?e():define("inert",e)}((function(){"use strict";var e,t,n,i,o,r,s=function(e,t,n){return t&&a(e.prototype,t),n&&a(e,n),e};function a(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}function d(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function u(e,t){d(this,u),this._inertManager=t,this._rootElement=e,this._managedNodes=new Set,this._rootElement.hasAttribute("aria-hidden")?this._savedAriaHidden=this._rootElement.getAttribute("aria-hidden"):this._savedAriaHidden=null,this._rootElement.setAttribute("aria-hidden","true"),this._makeSubtreeUnfocusable(this._rootElement),this._observer=new MutationObserver(this._onMutation.bind(this)),this._observer.observe(this._rootElement,{attributes:!0,childList:!0,subtree:!0})}function h(e,t){d(this,h),thi

                                                                                                                                                                                                                          Chrome Cache Entry: 248

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 249

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 250

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:PNG image data, 273 x 100, 8-bit colormap, non-interlaced
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):2914
                                                                                                                                                                                                                          Entropy (8bit):7.784385117533677
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:VU6G+hsDi9WLfcNaSSOS5+8kZwnDRddq5Fh2UU8fo4bX6dDbMnA/YYo+CiE7fS:VU6HbkUYATwD05v/fR7QbQAQXprfS
                                                                                                                                                                                                                          MD5:4E8DA7B8D47BF1A9A4A6DA940E5FA3B6
                                                                                                                                                                                                                          SHA1:334E0A16D2019906E921C50449ED4B6D1A421602
                                                                                                                                                                                                                          SHA-256:68BA815ADCA8477C32E5AF551C3CA9A406CF5723CC44D9D46286D9A3C549C113
                                                                                                                                                                                                                          SHA-512:9A10F0CE5C518F58B7D08EA3C2BFCB4882FD2B79866DF572F828480F8E6F813FEE03D195E71E3592B543E204723C11522DAB0F663DC72AD8F589E64E48A5D704
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:.PNG........IHDR.......d........z....PLTE.................................................................2..o....@..O..}....7.......r.5........<.....d...........v...{.%............-...T.`o.V..X.........s.=..C................-.=..9M.=........V....._.........y./8.8;.My.K..Ms.s...F.S^.IK.\..h......a.-...M.6....-...D.IA.I..?~.@F.H_.EM.H>.H..=e.DU.F[.E..?I.GX.Gw.Bq.BK.HP.Gn.D..6H.G..?a.ER.F|.Bm.B..Bt.By.A..@..?h.D:.Ik.E{.A..:../..;r.Df.Dh.?..;..9..2...:.=....S>.Dv.9..Ix.<}.&.........ua.@.........fD.C0.Bm.;#.6....\L.?p.;z.6...[.nN._E.PZ.>..i.{......_tRNS.........3".g..t B..y ..i...7..%..V<..rF.cJC)..;...(....ig^K........xo`.....zW....}N...D........IDATx...W.A......H.P....$.cz.c@..".h...n4.$..{.bf.#y.....}...~............H*....\..F...Q 0.ua!..D..i.....|..LC.P..td.Y .wT:..A..r.@`.,.Ts.P8.....F.=}w..X..*.<..{m?.0..j{..Y2.Lp.M....u..o.|....3..I:....E.....kmO..J...L...s........+..O...(......."Fr.......8..80.Gw.f..H\.....h.$-Q......r.l....g5.Qj)...

                                                                                                                                                                                                                          Chrome Cache Entry: 251

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65447)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):87553
                                                                                                                                                                                                                          Entropy (8bit):5.262620498676155
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO
                                                                                                                                                                                                                          MD5:826EB77E86B02AB7724FE3D0141FF87C
                                                                                                                                                                                                                          SHA1:79CD3587D565AFE290076A8D36C31C305A573D18
                                                                                                                                                                                                                          SHA-256:CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
                                                                                                                                                                                                                          SHA-512:FC79FDB76763025DC39FAC045A215FF155EF2F492A0E9640079D6F089FA6218AF2B3AB7C6EAF636827DEE9294E6939A95AB24554E870C976679C25567AD6374C
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
                                                                                                                                                                                                                          Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                                                                                                                                                                                          Chrome Cache Entry: 252

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3994&rand=0.20887544996126906
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 253

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3138&rand=0.2663419028316665
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 254

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65435)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):250919
                                                                                                                                                                                                                          Entropy (8bit):5.166237606778828
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6144:zGRl+28UZaUkZgwG1ZAIkKDJ3bys5XrHeI0RTR:zGL+2/ZaNZgwG1ZAIkKDJ3bys5XrHeI0
                                                                                                                                                                                                                          MD5:114ECB47F51B045594BEE0729FC62C51
                                                                                                                                                                                                                          SHA1:BB610C7D864A1FB2EB7DB46948DFEE416F95C237
                                                                                                                                                                                                                          SHA-256:AE7A9118D105A59E9B572C42FDF2D6DE93DA900B1756B1D9232618C8A7213F65
                                                                                                                                                                                                                          SHA-512:04D44FF887DB937A98562ACC9B6C0830E94A239A1A685169574D028290A9B0682514054B757A76388CE67B5ACC291C5AE14E77B8C47F1C0479EB3212C8B2F69B
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20240503
                                                                                                                                                                                                                          Preview:@charset "UTF-8";/*!* Bootstrap v3.3.6 (http://getbootstrap.com).* Copyright 2011-2015 Twitter, Inc..* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*//*!normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css*/html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1e

                                                                                                                                                                                                                          Chrome Cache Entry: 255

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2316
                                                                                                                                                                                                                          Entropy (8bit):5.408193825994515
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:1OEaNFlOEaNTFZKOEaNZOEaNW3yOEaN3AOEaNgRVc+umOEaN+1N0oD:1OEaNFlOEaNTFZKOEaNZOEaNW3yOEaNw
                                                                                                                                                                                                                          MD5:DDFFFA73A3AD101DE750962D005D7037
                                                                                                                                                                                                                          SHA1:4C82D80E86B6562BAF0AB94A56BE20C44B4F6F47
                                                                                                                                                                                                                          SHA-256:838E680CA964A26C94665951577F3F0902EF54DE2EE063D3465F22945DC44AFA
                                                                                                                                                                                                                          SHA-512:A0A5A009F97833388DE820832DCF863CF10C3CBB9B062B0CD80AFAB9A15C871F8CF11D31D8DA73986BC31A86A46F70710D35480413948585F56BA3D5D3DFA0AD
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://fonts.googleapis.com/css2?family=Roboto&display=swap
                                                                                                                                                                                                                          Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s

                                                                                                                                                                                                                          Chrome Cache Entry: 256

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://pixel.wp.com/g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2309&rand=0.757336543097145
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 257

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (526), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):526
                                                                                                                                                                                                                          Entropy (8bit):4.844995662196588
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12:c4GJ0k2lvgyT6d1uOMXUZsCxYADLsdfPw3CgrR5jddeU7nu:c5D2BtT67uOMXUZjxYOLsOCgrN80u
                                                                                                                                                                                                                          MD5:D96C709017743C0759CF3853D1806BA5
                                                                                                                                                                                                                          SHA1:72E21587610C49C8305A55E71F73FA88ED618205
                                                                                                                                                                                                                          SHA-256:BA2338AA6670580269C762F51C4291DAEF913201AA8F4D4FD166C1A878262652
                                                                                                                                                                                                                          SHA-512:974E260ED8BD1D99628FC3248F07179F6EA228E37A6B9D3EF906DBA57571F2DF54D73F93D1F3460902D28A90BD4793BCA35477B2EF8FBF424B9112147F04BCCF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
                                                                                                                                                                                                                          Preview:!function(){"use strict";var e="https://m.stripe.network",n=window.location.hash,t=/preview=true/.test(n)?"inner-preview.html":"inner.html",o=document.createElement("iframe");o.src="".concat(e,"/").concat(t).concat(n);var i=function(n){if(n.origin===e){var t=window.opener||window.parent||window;if(!t)return;t.postMessage(n.data,"*")}else o.contentWindow.postMessage(n.data,"*")};window.addEventListener?window.addEventListener("message",i,!1):window.attachEvent("onMessage",i),document.body&&document.body.appendChild(o)}();

                                                                                                                                                                                                                          Chrome Cache Entry: 258

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (20538)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):20757
                                                                                                                                                                                                                          Entropy (8bit):5.25041304835653
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:384:2ecIpaRa7LJom2xdeuxOqjHxehwRUsOFzDlMa+jSa54ZEbq:2ecIp/7LJom2xdeuLHkhAUsOFzDlMa++
                                                                                                                                                                                                                          MD5:F905907E6908BA3646D8FB7E41484531
                                                                                                                                                                                                                          SHA1:B5DAC8702B02FF2015EFFDF26CC2781C5C134ED3
                                                                                                                                                                                                                          SHA-256:C30B6D9818F986DA2367E411CEBF9AA5BF2EB3580A1BF3ACB573F9481F0DE5AB
                                                                                                                                                                                                                          SHA-512:D866D49F73F5242A1EAEF9C80110FAB90C757398905C06014CE8262D77F74242A5877FC562FC6D8625B790EC513DB7E807565DBE69BF7A835E0A311078D129C8
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6
                                                                                                                                                                                                                          Preview:/*!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2024 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */..// jscs:disable.// jshint ignore: start..document.documentElement.className+=" js_active ",document.documentElement.className+="ontouchstart"in document.documentElement?" vc_mobile ":" vc_desktop ",function(){for(var prefix=["-webkit-","-moz-","-ms-","-o-",""],i=0;i<prefix.length;i++)prefix[i]+"transform"in document.documentElement.style&&(document.documentElement.className+=" vc_transform ")}(),function($){"function"!=typeof window.vc_js&&(window.vc_js=function(){"use strict";vc_toggleBehaviour(),vc_tabsBehaviour(),vc_accordionBehaviour(),vc_teaserGrid(),vc_carouselBehaviour(),vc_slidersBehaviour(),vc_prettyPhoto(),vc_pinterest(),vc_progress_bar(),vc_plugin_flexslider(),vc_gridBehaviour(),vc_rowBehaviour(),vc_prepareHoverBox(),vc_googleMapsPointer(),vc_ttaActivation(),vc_ttaToggleBehaviour(),jQuery(document).t

                                                                                                                                                                                                                          Chrome Cache Entry: 259

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (19287), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):19287
                                                                                                                                                                                                                          Entropy (8bit):5.054657947098267
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:3ir8EkKztbyVcJn+2fGZ4loPL7WkCO2Q3k7TbjxVN3drFzqizLS1ND2uejYn9+wm:SoyB7kOk32Ak7vrxNHSbD2uekm
                                                                                                                                                                                                                          MD5:B0F37BBFC27CBBBCD0750A7E4754B95B
                                                                                                                                                                                                                          SHA1:E89C86712D27144DDA947B3EFEDB313D6D4BE6C1
                                                                                                                                                                                                                          SHA-256:F7694FD04A2A0F7DE560B7C43808AB767EB2672A733AA0A3FD752DD11F3DA515
                                                                                                                                                                                                                          SHA-512:D02BE8637C27652C152FD3AFD387DD47AE0D495293A321073B3E4DC3CBA3D14070221D58EE9A87627290262522E55200557A0A7F38FBD88905B18807FB3D52AE
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.12
                                                                                                                                                                                                                          Preview:.edd-icon{display:inline-block;fill:currentColor;position:relative;vertical-align:middle}.edd-icon-spin{display:inline-block;animation:edd-icon-spin 2s linear infinite}@keyframes edd-icon-spin{0%{transform:rotate(0deg)}to{transform:rotate(359deg)}}.edd_clearfix:after{display:block;visibility:hidden;float:none;clear:both;text-indent:-9999px;content:"."}#edd_checkout_cart{text-align:left;width:100%;border:none;margin:0 0 21px;table-layout:auto}#edd_checkout_cart td,#edd_checkout_cart th{text-align:left;border:1px solid #eee;color:#666;padding:.5em 1.387em}#edd_checkout_cart .edd_cart_header_row th{background:#fafafa;padding:1.387em}#edd_checkout_cart .edd_cart_discount_row th,#edd_checkout_cart .edd_cart_tax_row th{background:none}#edd_checkout_cart th{font-weight:700}#edd_checkout_cart td{line-height:25px;vertical-align:middle;background:#fff}#edd_checkout_cart td.edd_cart_actions,#edd_checkout_cart td:last-child,#edd_checkout_cart th.edd_cart_actions,#edd_checkout_cart th.edd_cart_tota

                                                                                                                                                                                                                          Chrome Cache Entry: 260

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):66624
                                                                                                                                                                                                                          Entropy (8bit):7.996443365254666
                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                          SSDEEP:1536:P7P0ehdxE792JHJ2qrz+MoCpeUtsG9eDeh9Zw+ZyqJ:PPlYw1re8Lsqh7MqJ
                                                                                                                                                                                                                          MD5:DB812D8A70A4E88E888744C1C9A27E89
                                                                                                                                                                                                                          SHA1:638C652D623280A58144F93E7B552C66D1667A11
                                                                                                                                                                                                                          SHA-256:FF82AEED6B9BB6701696C84D1B223D2E682EB78C89117A438CE6CFEA8C498995
                                                                                                                                                                                                                          SHA-512:17222F02957B3335849E3FE277B17C21C4AAF0C76CD3DA01A4CA39C035629695D29645913865B78E097066492F9CEE5618AF5159560363D2723BED7C3B9CF2A8
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0
                                                                                                                                                                                                                          Preview:wOF2.......@......*.............................?FFTM.. .`..r........5.6.$........ ..... ?webf.[.....@...nC....t.TL...f...t....q...5....?=i.l..\.vl ..T...b.... .1.f..7.T.Q....D.;:...1.l.jv..e....n..E....k5>.d.7Q.l..Ba....u.x].......W.C....$.8.v#..y`..F..1aM.8.....w.=|'..0..T|..2/..M.%.b.. .tY$!.....5cb.....(.&.-A/mY......./y..o\........Z=.....5c.k._.n3...(W.........Nag+.....O.R.'...5...=?....m...L......:..*._V...........z+zc.1`..Q#j.../.Z0...-..F..i.b.F"2.<EE...;.."u?..........R.Z.HR..D...x.Y,.5.Tt.vb...e..YN..sFND+........1.......`.....D.(.&6baP6(.....X.6gNW.6k..9]..v......$Cf.v.v..x@..-J.`G...w..w[..A.......4.msI>....i.......p..F(2b....~H.]J.]..j....F.f-~.@......gg.B.-..Tx.%..pU.u..me....'........;...@7..t.=pN....../_.U8.....r....s...X=g....H........j..c....d._1l:1i..I..T.r..>.....v{Gb...T1*...f.-.x.-i..{..1..h...>..(..3.3..!.$.:.....j.~....:ugv.......%.....?...d..5+......fU.z...X.X.<.c%@fBHO.8.....i..G...{...[..M#.FZk."_.'.n{.

                                                                                                                                                                                                                          Chrome Cache Entry: 261

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 262

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (7329), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):7329
                                                                                                                                                                                                                          Entropy (8bit):5.163866264219447
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:SZlmgfn24Se6MpTXapkyN8jcpypscqDciqtiPh71:SZlnfUwXapkyN8jcpyioyh71
                                                                                                                                                                                                                          MD5:BD2D67186594B0E32223B293FDFCCA55
                                                                                                                                                                                                                          SHA1:B797A9D012C850B53A7CCC12211ADCFBCD9AE0BE
                                                                                                                                                                                                                          SHA-256:4F9F4E2E225088F9CF3B6B54AA421E0F776D1802255505D2F752E1F83F441641
                                                                                                                                                                                                                          SHA-512:C80A7CD15E27B24AE6A2B7E9E491BCB24EFA034BF730862F07E5CD22A0C7961B451F78B3D80AD212CBBB75B176DDAFDF84F9AABD027DBCEBAE3A8FBD48F6A8E0
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://stats.wp.com/e-202418.js
                                                                                                                                                                                                                          Preview:window.wpcom=window.wpcom||{};window._stq=window._stq||[];function st_go(t){window._stq.push(["view",t])};function linktracker_init(t,e){window._stq.push(["clickTrackerInit",t,e])};window.wpcom.stats=function(){var t=function(){var t,n;var o=function(t,e,n){if("function"===typeof t.addEventListener){t.addEventListener(e,n)}else if("object"===typeof t.attachEvent){t.attachEvent("on"+e,n)}};var i=function(t){if("object"===typeof t&&t.target){return t.target}else{return window.event.srcElement}};var r=function(t){var n=0;if("object"===typeof InstallTrigger)n=100;if(7===e())n=100;d(i(t),n)};var a=function(t){d(i(t),0)};var f=function(t){var e=document.location;if(e.host===t.host)return true;if(""===t.host)return true;if(e.protocol===t.protocol&&e.host===t.hostname){if("http:"===e.protocol&&e.host+":80"===t.host)return true;if("https:"===e.protocol&&e.host+":443"===t.host)return true};return false};var d=function(e,o){try{if("object"!==typeof e)return;while("A"!==e.nodeName){if("undefined"=

                                                                                                                                                                                                                          Chrome Cache Entry: 263

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 264

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2550
                                                                                                                                                                                                                          Entropy (8bit):7.902095624622937
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:zf/k5ek6HGzl0PfBq2QyFFmNkppdh0AYlZYiEsHNhq1XtoLZqSVkaVkL:LzmZ0kp26AAYPsHNhatOqSCaVq
                                                                                                                                                                                                                          MD5:6CD06EAE151515BF506BE1EE105DC896
                                                                                                                                                                                                                          SHA1:AA1B8F9103262CE6BE28AF74F98D012EC15675AA
                                                                                                                                                                                                                          SHA-256:803FC07EFA4857073983BE545921C834451FA82C7CACC18C813112248A8BFD32
                                                                                                                                                                                                                          SHA-512:D370ACA0F1AA5952A1DB5854934BC84A44BBB44F9469F16A66E37C96D666FFCFD0C4E54AEBC48358178C3C12CA039C85B1D41D62ED11E0C57A2F554AAE51F278
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/uploads/bitsum_logo_transparent.png
                                                                                                                                                                                                                          Preview:RIFF....WEBPVP8L..../......9.$I...T./.O...T.ml.......O3.tA....K.l.V.}m.y.w.x...[..j..R...0..).A..@#D.RwRz......@Co..H .?.@.....P@.? ...h..... ...( ....._..4.@..........Z.].^}.o.....?.pJuW..kSL$..z..WN%W......Z.n...Ft.&W#..."..GJtF..]..oK....=..d...<...fGC[.v...*e.#.- ..j....A.F..@.C.T...*.)..@B.cE@-.@P).0Ce.i.,D.......).t..Y..Q........m4..3LC..{...[.J..E...h...:.<..H8.Q.j`H...q..Wf\.....j .....Qrj.oZ....K.......`n.....5..}$..%............6...m..?..P....4.9....M#.....NaJ.....`.q.a.].....e.6........?..O.$..6..ef.1....^........./......{g....=-....Z......M-.\.R4;..[.....b...[.-I.b...z,-....cS...`..../..W.?.4....A..w.|9bG-.g_......./.a......_......{........}.?9'.....e.l[Z.c..+......!.$.vC.8=.....]...35Qr..1$S..L/V.`u.j=[.<.!1;..h..+..u...L.[.....=...d..`D`|....V.....D....@....l[..S.o.:v..+}...............O.F..5...........^pdQ.iB..7....Q..G..<".Y.{.?J?..^V..O..m.....O~..#l8..s..CM..Yl.(.L.)...|...G).?z........g.(.Xs.{.#..)

                                                                                                                                                                                                                          Chrome Cache Entry: 265

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):364
                                                                                                                                                                                                                          Entropy (8bit):4.507877841449224
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:6:45q/oX+U3SXTnRt9Y1wPoXToA/RIw0wtF9T/THC/RIDJeW2ZHKCcVY/RIxXJW2ZR:4AgX+vf9QwwXTfZaaF9TbHCZQJiZ0qZO
                                                                                                                                                                                                                          MD5:AF1F0D0654CD2E4C260F77D1585A6AA7
                                                                                                                                                                                                                          SHA1:88DAA10D27AFCF40F2159F9009B3490BA31170D3
                                                                                                                                                                                                                          SHA-256:8C36D1F366C58B4D6A34629378A180CAC420368FCFA37A1427928DF07097B3B6
                                                                                                                                                                                                                          SHA-512:0D407443569A023B224C011DEFFD6B0B60CED49E7123BE925B9E2B75A2CE07ED271328906195DE5E0C5C7052B8514B4CE0F9F8788E6BDDD112E5E481CC8A70E3
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:.edd-price-row {.. text-align: center;.. font-size: 1.2em;.. line-height: 1.2em;..}.....edd-price-heading {.. text-align: center;..}.....edd-checkout-strikethrough-price {.. text-decoration: line-through; .. color: red;..}.....edd-checkout-sale-price {.. font-weight: bold; ..}.....edd-checkout-regular-price {.. font-weight: bold;..}

                                                                                                                                                                                                                          Chrome Cache Entry: 266

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):75760
                                                                                                                                                                                                                          Entropy (8bit):7.997151326002779
                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                          SSDEEP:1536:eDCuynfMqYjuMdpP1pYdx/Ox3QCm5Ryt4nDcr1hPbvPX/1fD:OWnfUj5XtpYdh8CR/QPbZ
                                                                                                                                                                                                                          MD5:832F6E62AAF3909D6B94C8A9C1E4DD51
                                                                                                                                                                                                                          SHA1:4A06418CB56A66AF5A1C0F59791469DEA1DC87FA
                                                                                                                                                                                                                          SHA-256:8556FD48CF33CA3028E3FFF4042979F224987EE317CC9032DD5BBA996B363009
                                                                                                                                                                                                                          SHA-512:6DDCD01A3C660F62049415C24C76492D2AC99AF465E09BD26C426B2A3C1B66878381CB9A7F2D50FA56B7BA1BAA2BE64558C7723F3C20D575A3FCB32E120C147A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
                                                                                                                                                                                                                          Preview:wOF2......'...........'..J.|....................?FFTM....`.............6.$........ ..+..j[]T.B..o.*....O#K..n....J.K......pG............./....i.v6f:.`.A.O)....xE+(c.eJ.;....+....H..)...4..s........"#"#"#"\..^...F....'..NdDdDd..z6K......i6"229...V[..Nxa..Q..k..w.g..oVp;....n..S.3..<3A...7".KTb....QA.d...,l-.(.]..f7..../p3.B.2...x..x .u....E[.)..`._..KGo....B..q..sG.*~..W.....9M8...M..0...1~.&.....}........D....5}.....`...X!.i7..Sc.&$+.~.y.w.B...........J..%.d..Rh...U......%Kl.N........q....%r...P.P.F...P..C4..j.......3....f...6.a.>...<+.a...|.ox~n....`.6..........T6jCDI..f2.@1....;0.=..;=.Q.NO/.........p...-..3..8.P.....3...4..[...m....K..#..8...\-.....'........c,F.....m....R....,..6..=...L..*.U.....sj.K.N7yhh...........6.....bcm..9.XV`.2...&m.d.l....}-..R....d....;}...i...2.J....<...o..u.Mo.?.d-.."..I.l~*.......@.....G O40....b!...{.nWv....../..HvfT...[.#.....Vj.l.=..d.8.d....pu/E;.J....2.K.P^9D"..P..... ..T....vU3.V..m..!.d.....b...

                                                                                                                                                                                                                          Chrome Cache Entry: 267

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (671)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):3792
                                                                                                                                                                                                                          Entropy (8bit):5.051596494727918
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:gCNS6tfLzY3YpdedPCLz6LzozFdRSrgBYY5cloCF/PZ:LSquPc4EFdorGz5HCF/PZ
                                                                                                                                                                                                                          MD5:0681B249CF31FF48067CA31579C6A6C4
                                                                                                                                                                                                                          SHA1:FBBA098627C36520DCF06152C55C95598F851EFF
                                                                                                                                                                                                                          SHA-256:9FF821BF6AC0AC60E2E1E27F9658F27FCC593421E80BAB5CD60486700D267B06
                                                                                                                                                                                                                          SHA-512:9F4070CBEEF57B70DB8D2F8154F9D989D5EE2B175FC1386FC4862AC75F132239947D95C789EF56337246A80024FD4897CC7E3107E18DBF8EDCA4A0CCC31AB36F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2
                                                                                                                                                                                                                          Preview:(function($){window.NggPaginatedGallery=function(displayed_gallery_id,container){this.displayed_gallery_id=displayed_gallery_id;this.container=$(container);this.container_name=container;this.get_displayed_gallery_obj=function(){var index='gallery_'+this.displayed_gallery_id;if(typeof(window.galleries[index])=='undefined'){return false;}else{return window.galleries[index];}};this.enable_ajax_pagination=function(){var self=this;$('body').on('click','a.ngg-browser-prev, a.ngg-browser-next',function(event){var skip=true;$(this).parents(container).each(function(){if($(this).data('nextgen-gallery-id')!=self.displayed_gallery_id){return true;}.skip=false;});if(!skip){event.preventDefault();}else{return;}.window['ngg_ajax_operaton_count']++;$('body, a').css('cursor','wait');$.get({url:$(this).attr('href'),headers:{'X-NGG-Pagination-Request':true},success:function(response){window['ngg_ajax_operaton_count']--;if(window['ngg_ajax_operaton_count']<=0){window['ngg_ajax_operaton_count']=0;$('body,

                                                                                                                                                                                                                          Chrome Cache Entry: 268

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):223
                                                                                                                                                                                                                          Entropy (8bit):4.544186889788819
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:4BmWM+PL9FLC0A2ImW1XFptVXMfAIx3BZEXN6D+4RIJxcEIrgB7N9TELe3KMs5DV:4u+5Bs1H9iAYLZRI0hcBZ9538NWYn
                                                                                                                                                                                                                          MD5:D8084F85E088D323ADEDD37B9D4EFCD9
                                                                                                                                                                                                                          SHA1:9ED5D2385C0E02C7A7650F26FE7CE6FEEE2EA289
                                                                                                                                                                                                                          SHA-256:D081313013951F86B13F50BE1C70C0D0C0C81F28F9E32BCB01525B47AC48575B
                                                                                                                                                                                                                          SHA-512:42A8ED466478C677003D93F8E95206448126933CDBDD198DAE77967CAE48BBBD8FE5260657AE20061C960900B79E9178C408AE3672360D873B36AB13C3EBEAC3
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3
                                                                                                                                                                                                                          Preview:.eddr-notice{margin:0;text-align:center}.eddr-notice.variable-prices{text-align:left}.eddr-cart-item-notice{text-align:left;font-size:.75em}.edd-recurring-failed-list span{display:block;padding-left:15px;padding-bottom:5px}

                                                                                                                                                                                                                          Chrome Cache Entry: 269

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (422)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):457
                                                                                                                                                                                                                          Entropy (8bit):5.062678748736029
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:12:Uz77mxDChzQiwBmGam7vp9PSu7QqBYAQ7:Q778Ch3wBmGH7vKM7ux
                                                                                                                                                                                                                          MD5:E4BC17CC45CA91AB0F09DEA134975C51
                                                                                                                                                                                                                          SHA1:3C03312717FB495C051D02A3D27EC0D8ABC2557D
                                                                                                                                                                                                                          SHA-256:5A43A22E48F94B7A45A9A9B1A107F197213B73307FDFA2E6B2DAADAB264F94D2
                                                                                                                                                                                                                          SHA-512:F8E537A2168B94875BB7DDB9A20037C5BC79831C8B4E726F224F8D7C723C5C4B4512551697CF7BFB6CE4B5F8365DC1C027107FFE3435EA27C686F5AE96D921E7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381
                                                                                                                                                                                                                          Preview:/*! This file is auto-generated */.(()=>{"use strict";var e={d:(t,d)=>{for(var o in d)e.o(d,o)&&!e.o(t,o)&&Object.defineProperty(t,o,{enumerable:!0,get:d[o]})},o:(e,t)=>Object.prototype.hasOwnProperty.call(e,t)},t={};function d(e){"undefined"!=typeof document&&("complete"!==document.readyState&&"interactive"!==document.readyState?document.addEventListener("DOMContentLoaded",e):e())}e.d(t,{default:()=>d}),(window.wp=window.wp||{}).domReady=t.default})();

                                                                                                                                                                                                                          Chrome Cache Entry: 270

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:PC bitmap, Windows 3.x format, 48 x 48 x 24, image size 6912, resolution 9449 x 9449 px/m, cbSize 6966, bits offset 54
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):6966
                                                                                                                                                                                                                          Entropy (8bit):4.755735232059843
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:3y7OJpqOMHZmO/w6oG4RPr2M9Ie7RKv6UY+nc:3yepdM5H/wZT2M+e7gv6UY+nc
                                                                                                                                                                                                                          MD5:E97C27D1C2142F1276F319A87B466484
                                                                                                                                                                                                                          SHA1:43ECEEF6D1269A1EE51C0914B7F3F303C7D8E9E7
                                                                                                                                                                                                                          SHA-256:A53A853591D9E14FC0C99103518EDA928B0FCCB3F4C923689C628C71CDCD3C2D
                                                                                                                                                                                                                          SHA-512:D9E984B4AB6688B7049632089AF8CE986911C463B28229759474F2D82007CB06054D1BCF5BD9306276194A9243C7449500DC6926DE9FC59E00404B5CD0F9C735
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:BM6.......6...(...0...0................$...$.............................................................................................................................................................................................................u.P..?.w<.p=.m=.i=.h=.j=.l<.q<.xG..j................................................................................................X.=.v=.k=.a>.[>.W>.T>.S>.Q>.O>.Q>.S>.U>.Y=.`=.h<.s=.~q................................................................................A.|=.k=.b>.[>.V>.R>.Q>.P?.N?.M?.L?.K?.K?.M?.O>.Q>.R>.V>.^=.g<.s?..........................................................................C.~=.j=.`>.Z>.Y>.U>.T>.R>.Q>.Q>.Q>.P>.P?.O?.N>.P>.Q>.Q>.Q>.T>.X>.\=.c=.n;.|..............................................................k.<.p=.e=.`>.[>.Y>.W>.U>.S>.R>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q>.Q9.K7.J7.L7.O7.Q7.V=.e=.n<.~.........................................................X.=.m=.e=.`>.\>.Y>.W>.V>.T>.S>.R>.Q>.Q>.R>.R>.R>.Q>.Q>

                                                                                                                                                                                                                          Chrome Cache Entry: 271

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1746), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):1746
                                                                                                                                                                                                                          Entropy (8bit):4.71476640254322
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24:R9qZyXByePGUFEe59EyHLtQ/r9ETQjEJxBH/qy0bDwD5qdvmAJ6l7IUk5IeI3:mqP75ZLt/TQoJ3yy0DwDeOs6lBp
                                                                                                                                                                                                                          MD5:0DB6DD5189171156E3A37D1C6CA962CD
                                                                                                                                                                                                                          SHA1:55DD9143464ACD418091C6FB48E17B69963DEFBD
                                                                                                                                                                                                                          SHA-256:6456DC825E5AA2E6FFE4EAF425BA95ACE10639ADBAAA9BE64029CB7E19581756
                                                                                                                                                                                                                          SHA-512:B82B3494043D92C65FBCFBFB373D48938FF9BE8C5A073337A52CCA3EDD2444510BD76CBE618C63BC1F674A405AE16B86F55B32DEC7670FBF449B9F4A0B3171B7
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11
                                                                                                                                                                                                                          Preview:.edd-sl-active{color:green}.edd-sl-inactive{color:gray}.edd-sl-expired{color:#dc3232}.edd_sl_license_row .view-key-wrapper{position:relative}.edd_sl_license_row input.edd_sl_license_key{border:none;cursor:pointer;display:block;margin:8px 0 0;outline:none;padding:0;width:100%}.edd_sl_license_row span.edd_sl_license_key{background:#f0f0f0;border:1px solid #ddd;display:none;left:0;max-width:inherit;padding:4px;position:absolute;text-align:center;top:30px;width:20em;z-index:999}.edd-sl-child-licenses{margin-bottom:0;margin-top:8px;width:auto}.edd-sl-child-licenses .edd_sl_license_key{margin-top:0}.edd-sl-child{margin-bottom:8px}.edd_sl_license_row .edd-sl-child span{display:block}#edd_checkout_form_wrap fieldset#edd_sl_renewal_fields{background:#fafafa;border:1px solid #eee;padding:1.387em}#edd_checkout_form_wrap #edd-license-key-container-wrap{padding:0 0 1em}#edd-cancel-license-renewal{border-color:transparent;font-weight:400;margin:0;outline:none;padding:0;vertical-align:middle}#edd-can

                                                                                                                                                                                                                          Chrome Cache Entry: 272

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 273

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:PNG image data, 300 x 261, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):12720
                                                                                                                                                                                                                          Entropy (8bit):7.9617693380694
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:QW6O9NIP2QpocbBQyVt1iNOkbc2EQxqAt6P9olhMWf1QOU9tN1kWwKt:Qi9NfUaK0cGxqiIWdQztzt
                                                                                                                                                                                                                          MD5:82518080AB53E112882782D78006C2D0
                                                                                                                                                                                                                          SHA1:E21CF56383682C7BFEDB9871030949A1221606EF
                                                                                                                                                                                                                          SHA-256:729125074C56DD42DF6629CA94FA6D6B714354C2C03FFEE9D1E458438597EF70
                                                                                                                                                                                                                          SHA-512:E3F2B27EC07403BB05E98176CCEBC689C719C8B074187BCF864B659CE215DDBFD68E09374392036B88A5B108825F1E98798ACA09317CFEEB667613DEB3C29194
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:.PNG........IHDR...,...............1wIDATx...=K.Q...+$....O..`.A:8(...n..B]...Rp.W...p.&R.. ..*.B. t+:fp..C.H..A..N.PPb..5...DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDz.P .......\.#....,..e.M.)3.D.|.-....+.].<+.a.m.t-..2.$..6..m.[.U...Vi...........u./.Q.F....S.a.S......w."..,.C....;..<..O..d....XP....P....2......s6x......u..+...C..H-vYf.]Z.}.G.....;)....%.K....c<..)F.s....|.)c..I..... ...H...F.....hD.*E....'..Q.l.g...V..]s-J./..f..M.Q'..!.I1..|b../..`7......y>r.a..3.70.1...7.0M.i...n....c.6.8.../.$!Uh...trRp..............:.......U."(.A.%]."..t..pBh..B....!\ML.y.}.....w)=RX1..G.E.s=1\w..Y..kS..63V..5.......8../.w..(-..G;...'...,..&.5m....L.......C..Y.......u.....I........Q...1...$A.Q..z...p9.Z4.....8......`.a.i.t.l|.|.^;8.Z.W@.Y....[.2..[.R.&.9e......uP{. ) .;n.@>..RZ.zt...=M.B.-/....!..P..e...{.=...."z4.%...I.......tR.v4....F_.U......e.V.....A.z..F4...UO...0\v.W.-..J.*..$IS.6.I......d.....>..".Fjc.U.\...dYe.6.X.E..}...W..l..i.l...T.....}.W..P..G...A.qB.

                                                                                                                                                                                                                          Chrome Cache Entry: 274

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (55739)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):55921
                                                                                                                                                                                                                          Entropy (8bit):4.703436221015448
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:768:VOC31sPizPq4/vBUAUHJUkQdR/WMQyYJrX75CsmZQzF:VOTPUC4/pMHGBdcfd7ssjR
                                                                                                                                                                                                                          MD5:EDB3AB99460ADF2F03504C783F87446E
                                                                                                                                                                                                                          SHA1:8EF32EF156F9A608919BA9C6B3CDEB32D098C82B
                                                                                                                                                                                                                          SHA-256:96AAAB9A34711F1BEEF1C63071B992A7F3CB17654956CC09859D7A4DC71AB1F3
                                                                                                                                                                                                                          SHA-512:11ACA8C2F579CD0D08A67687BF9340DAD3FFB61AEBE0F6BCE908A61A3EE6FF27E901AED068499E3F953E8AEF4C036424EA9DEEE32EAE32FE1116AED28835ADDE
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                          Preview:/*!. * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:solid .08em #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pul

                                                                                                                                                                                                                          Chrome Cache Entry: 275

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):75368
                                                                                                                                                                                                                          Entropy (8bit):7.9963062622222125
                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                          SSDEEP:1536:3votzoJ1K9hFGhTaNK2T2Ihn/KqymF7nTDAYbbaufVZZXyme0kml695:Q81EakQ2T2Ih/bjcY/aCZXvj6z
                                                                                                                                                                                                                          MD5:859C4002D9954718CAC1DDEA5555698F
                                                                                                                                                                                                                          SHA1:2392CE297C92BCF2C7D5A4C461A582DADC8039C8
                                                                                                                                                                                                                          SHA-256:5054AB369966FEA3657AC6AF00C3BC47BDC9E7B5114E61D1764BE06213CA9781
                                                                                                                                                                                                                          SHA-512:83CA3CB14DF9D05E3AB2A45042524733790977E5E1DF9A47DD52394D4E209DA643728AB47CCEBB56C1F9AD85501CF074CEB0F2CC5AE3F6AC6A81D967590D13BF
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
                                                                                                                                                                                                                          Preview:wOF2......&h.......(..&..J.|....................?FFTM....`..2.....l..v.6.$..P..j.. .....G[.q'.@v...V..22....4.d..Sn.....:l..f..........c.&l....a.UU..Y..4... l.)...P3..I.a..Z..1c.}..h.u...0Y......b.b6l...l..a..fQ....._...........I....W.7em.s........!...M.....v.m..[..p..uuC..f..'..[>..xl(.E.GTh....qj....O...?...e.a2.eR.3..5._..2..M....cYaS.{.FG......%..L.....m..$...J..U.........u.L..f.y5.F....>....MU..n.(C]...._...~...Q....-.%%.........AE..s.b.b F..nsC7.v....S{?..E..`\((....mm.b.n.@.|..p.~.}..U{|`.....O..d.Iz)...q.p...@...d..0..a.,B.. ..iI.9=c.g..ky..p...D....o.{ll..8.zi]4.97.:`(+T.4.......g..l1..;..a..Z..7+#..r..<&...rq..v.y..-iw.#J..22@..gh....e%!...!..<D...wI^)..J.0.k..H.@b......x.m..l.X2..........O6....^h.i....(..Z.....%...G.D4...v&MC...Iw.... ..L........?..A.Z@.....&v&P..h|....*..#.....K.G..LK.X`LF#C..w.r.v..i.......*r....GL.".........C{,K2...MnOB.ui..?...y.|..P 0.K...eq..l.\8..........I..C..J.f.....Y...|.$..>W\...#.2...

                                                                                                                                                                                                                          Chrome Cache Entry: 276

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (59701)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):113381
                                                                                                                                                                                                                          Entropy (8bit):4.921824878665509
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:1536:MZeJKfZdlk2u5SOV+UQ37410kxJdPfrF3Ps:MZeJMTk2u5SOV+UQ37410kTd3Z3Ps
                                                                                                                                                                                                                          MD5:51A8390B47AA0582CF2D9C96C5ADDEE2
                                                                                                                                                                                                                          SHA1:B16A640874025D085C38119A1A02A3460F83F2DE
                                                                                                                                                                                                                          SHA-256:98CECF88A23542FA047CE46EEDB650B5C5128761ED4386C0977B847094DDFA20
                                                                                                                                                                                                                          SHA-512:711162AB43E59E0FF5F050CCA4278682194248A13EF2EE1F00AB276B6221E7A4DDDEB9645E8798E7F67A34F0001C8F63469F2B2C3E6D4E2519ADA30B6775E191
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-block-audio{box-sizing:border-box}.wp-block-audio figcaption{margin-bottom:1em;margin-top:.5em}.wp-block-audio audio{min-width:300px;width:100%}.wp-block-button__link{box-sizing:border-box;cursor:pointer;display:inline-block;text-align:center;word-break:break-word}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100%}.wp-bl

                                                                                                                                                                                                                          Chrome Cache Entry: 277

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):112
                                                                                                                                                                                                                          Entropy (8bit):6.0950831585681575
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:Y1Zre1oAaf9Lo/btr68sKY5BylhuP11tF3X9W5yz:uZ2oiTZKKY6uP1ntlz
                                                                                                                                                                                                                          MD5:D263938B2B3E1621BC75ED202E7ED580
                                                                                                                                                                                                                          SHA1:EBABEF89B77B1C46FAF875C760F2A9721545CA31
                                                                                                                                                                                                                          SHA-256:EB3699DBD82C75BCCDC99273BD893A3C3DB1B5111C15C0CA002AF463BC762788
                                                                                                                                                                                                                          SHA-512:B27820ABFC7AD2A26792C8BD4F275914EDFC18F6E9DF7A42A6FC246146A9EC157D508EB71306DD393D7C190525490E1B589B03F3725B6057E5F866758023DD63
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/themes/meminz/img/pricing-line.png
                                                                                                                                                                                                                          Preview:RIFFh...WEBPVP8L\.../..........CD...6m#.Z.....'...m. ......p..z..l..W.ppD4.`.E......# (rG.e........mke......

                                                                                                                                                                                                                          Chrome Cache Entry: 278

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:GIF image data, version 89a, 6 x 5
                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                          Entropy (8bit):3.8488255736198
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3:CN+ltRPQEsJen2sSX:xvQEsJ42sSX
                                                                                                                                                                                                                          MD5:E4D673A55C5656F19EF81563FB10884C
                                                                                                                                                                                                                          SHA1:1F2D8ED221D39329251AD3A6FF1EDB20B7219443
                                                                                                                                                                                                                          SHA-256:F3A8992ACB9AB911E0FA4AE12F4B85EF8E61008619F13EE51C7A121FF87F63B1
                                                                                                                                                                                                                          SHA-512:E0B03411282A979CF772F700D9E5634B0C25C612E380AD33C0D59059B1B479D027016D5BEB148403EF185430DB35F5FAED362F36CE2C8ECAD0E6D8E30CEA97B4
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          Preview:GIF89a.............!.......,............bx..j....;

                                                                                                                                                                                                                          Chrome Cache Entry: 279

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1769), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):1769
                                                                                                                                                                                                                          Entropy (8bit):5.024508198384572
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:0f321ezZRHm6ivYFqdtkHA2HGa2cIE62UYXcZ5xCQ5h5kIF:0f321Qnm6iipg2V2z9zY2
                                                                                                                                                                                                                          MD5:D0B8782045CFA4462AC7B9D42AC16206
                                                                                                                                                                                                                          SHA1:D9C822D53C2EB6A3296D40AF31F57E47B4BD2C20
                                                                                                                                                                                                                          SHA-256:D565603114E33EC4E10B3837BEC54E36EC89CE67BE60D574E72E1D695F631EED
                                                                                                                                                                                                                          SHA-512:842B649BF0DCB84CA61FCC643E858598A42AC8F006067C776E8A0ECF1D47554D9E25B0B554713AA32C041FCC4B79357DCC74EA53F55CCAB0F8A45D1BD41B561D
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7
                                                                                                                                                                                                                          Preview:!function(n){n(".tml").on("submit",'form[data-ajax="1"]',function(a){var e=n(this),s=e.find(":input"),t=e.find(":submit"),r=n(a.delegateTarget).find(".tml-alerts");a.preventDefault(),r.empty(),s.prop("readonly",!0),t.prop("disabled",!0),n.ajax({data:e.serialize()+"&ajax=1",method:e.attr("method")||"get",url:e.attr("action")}).always(function(){s.prop("readonly",!1),t.prop("disabled",!1)}).done(function(a){a.success?a.data.refresh?location.reload(!0):a.data.redirect?location.href=a.data.redirect:a.data.notice&&r.hide().html(a.data.notice).fadeIn():r.hide().html(a.data.errors).fadeIn()}).fail(function(a,e,s){a.responseJSON.data.errors&&r.hide().html(a.responseJSON.data.errors).fadeIn()})})}(jQuery),function(s){s(function(){var a,e;if(themeMyLogin.action)switch(a=s("#user_login"),themeMyLogin.action){case"activate":(e=s("#key")).length&&e.focus();break;case"lostpassword":case"retrievepassword":case"register":a.focus();break;case"resetpass":case"rp":s("#pass1").focus();break;case"login":-1

                                                                                                                                                                                                                          Chrome Cache Entry: 280

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (34217)
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):34399
                                                                                                                                                                                                                          Entropy (8bit):4.8846438367170535
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:192:WP6cb0bcx4cgVU92oIGDE8Kcsy1KsF7ndtgMn+I1zTV3c8jevMykD:Vczx4cgVfLGDEbK1J7nd71tXjevMyw
                                                                                                                                                                                                                          MD5:FFB96099720DDE6483D7CAB290C543EE
                                                                                                                                                                                                                          SHA1:1A6ECE8EEE36923D795CDF78674B47E7F1B8E94F
                                                                                                                                                                                                                          SHA-256:CDFDF586F38CFB19C6264343CC6A64ADCE7FF0961834E96A2F912F01DC29E3F0
                                                                                                                                                                                                                          SHA-512:2DD72F92CCDDE1AA2CD10F9A0FB05F29C67DBF3CE48374A2122DCDF514B2C48895B2CE1A6A8A246B2EA0F37FCE8CFE8C7221EAD3309DF3E9B61227428D23857F
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6
                                                                                                                                                                                                                          Preview:/*!. * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-star-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-o:before{content:"\f005"}.fa.fa-remove:before{content:"\f00d"}.fa.fa-close:before{content:"\f00d"}.fa.fa-gear:before{content:"\f013"}.fa.fa-trash-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-trash-o:before{content:"\f2ed"}.fa.fa-file-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-arrow-circle-o-down:before{content:"\f358"}.fa.fa-arrow-circle-o-up{font-family:'Font Awesome 5 Free';font-weight

                                                                                                                                                                                                                          Chrome Cache Entry: 281

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (6964), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):6964
                                                                                                                                                                                                                          Entropy (8bit):5.155453426869548
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:96:Fty5FTrxBuUOvN+oU6tKtbRCtftrtHtLtNtWt/t7bKj5TfD42QVIqIjWrjXTLCOJ:8NrxBuXvgoFj5fjUXmW
                                                                                                                                                                                                                          MD5:DFA60837B33FDA13599CB87665A15A5E
                                                                                                                                                                                                                          SHA1:182A5C0C60AABF8F1003ABCD84BC1DE0B43157A7
                                                                                                                                                                                                                          SHA-256:1C4BBA6EBA933B827866A9028E986826FC3A96B399660E4E40E1B59D2B9B559D
                                                                                                                                                                                                                          SHA-512:74C6CAB01A345C034C740EA19CD35B7274150C2A13C7560A3433AA66C68F5301B0E14527D102970286FA8DC5C1C53152F39841B8EAC5027EA3B04A5D6234A517
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2
                                                                                                                                                                                                                          Preview:#fancybox-loading{position:fixed;top:50%;left:50%;width:40px;height:40px;margin-top:-20px;margin-left:-20px;cursor:pointer;overflow:hidden;z-index:1104;display:none}#fancybox-loading div{position:absolute;top:0;left:0;width:40px;height:480px;background-image:url(fancybox.png)}#fancybox-overlay{position:absolute;top:0;left:0;width:100%;z-index:1100;display:none}#fancybox-tmp{padding:0;margin:0;border:0;overflow:auto;display:none}#fancybox-wrap{position:absolute;top:0;left:0;padding:20px;z-index:1101;outline:none;display:none}#fancybox-outer{position:relative;width:100%;height:100%;background:#fff}#fancybox-content{width:0;height:0;padding:0;outline:none;position:relative;overflow:hidden;z-index:1102;border:0 solid #fff}#fancybox-hide-sel-frame{position:absolute;top:0;left:0;width:100%;height:100%;background:0 0;z-index:1101}#fancybox-close{position:absolute;top:-15px;right:-15px;width:30px;height:30px;background:transparent url(fancybox.png) -40px 0;cursor:pointer;z-index:1103;display:n

                                                                                                                                                                                                                          Chrome Cache Entry: 282

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):107794
                                                                                                                                                                                                                          Entropy (8bit):5.045972029548791
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:3072:62dKhLkE3fqHGp1uQsJSCFCzT+Vulo27i3J3nQ9tQIK:62dc3fqHGp1uQsJSCFp3J3nQ9tQIK
                                                                                                                                                                                                                          MD5:B4E165AF94210494139C45CC1794AB62
                                                                                                                                                                                                                          SHA1:7AC4D0BD6A40320842BC798A285C5EC726F51A3A
                                                                                                                                                                                                                          SHA-256:2EC23484FAE47980001EED8805EF2FA389D25D6B9DB0A5AAEB41ECB76C411905
                                                                                                                                                                                                                          SHA-512:62E853B487942DB76E1247879A0C8800E0D461929D6F731F3C4A52B053B81972937884EEC1E4EE8CCCB02E1780716914D218F40DBC45DB3EA3F0E00BC088EDA8
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1
                                                                                                                                                                                                                          Preview:@charset "UTF-8";@font-face{font-family:swiper-icons;font-style:normal;font-weight:400;src:url("data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCOIGBlYGB0YcxjYGBwR1Kf2WQZGhhYGBiYGVmgAFGBiQQkOaawtDAoMBQxXjg/wEGPcYDDA4wNUA2CCgwsAAAO4EL6gAAeNpj2M0gyAACqxgGNWBkZ2D4/wMA+xkDdgAAAHjaY2BgYGaAYBkGRgYQiAHyGMF8FgYHIM3DwMHABGQrMOgyWDLEM1T9/w8UBfEMgLzE////P/5//f/V/xv

                                                                                                                                                                                                                          Chrome Cache Entry: 283

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:HTML document, ASCII text, with very long lines (930), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):930
                                                                                                                                                                                                                          Entropy (8bit):5.12292712843304
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:24:0jHQfOuH41YiLY3WL3QquM32EhEcx+Ps2P2pCgrsLHOII:0EJpNqycBxWACgrsDOt
                                                                                                                                                                                                                          MD5:06BFCD88AF438673A8BF9B845A11AA6E
                                                                                                                                                                                                                          SHA1:D024A745032CBE115526ABE648D9FA0F0A10A681
                                                                                                                                                                                                                          SHA-256:947AC0903521F5ECEEFC90637C066306A8CA67466CCC188BB0107FB7CFB532D1
                                                                                                                                                                                                                          SHA-512:6A37EA27F3AD16DE6BCB4C386D9F09962902AE2F2FDF76B6723CFF8155CD0B9D4504D1EA6ED3C4D5C9D49BE9C636EB9386BB13C9A787A71F02640A8EC939D180
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://m.stripe.network/inner.html
                                                                                                                                                                                                                          Preview:<!doctype html><html><head><meta charset="utf-8"><title>StripeM-Inner</title></head><body><script>!function(){var e=document.createElement("script");e.defer=!0,e.src="out-4.5.43.js",e.onload=function(){var e;window.StripeM&&(e=window.location.hash,/ping=false/.test(e)||(e=(e=e.match(/version=(4|6)/))?e[1]:"4",window.StripeM.p({t:!0,v:e})),e=function(e){if(window.opener||window.parent||window)try{var i=((t=JSON.parse(e.data)).message||t).action,t=t.message?t.message.payload:t;switch(i){case"ping":window.StripeM.p({t:!0,o:{muid:t.muid,sid:t.sid,referrer:t.referrer,url:t.url,title:t.title,v2:t.v2},v:t.version||"4"});break;case"track":if(!t.source||!t.data)return;window.StripeM.b({muid:t.muid,sid:t.sid,url:t.url,source:t.source,data:t.data},t.version||"4")}}catch(e){}},window.addEventListener?window.addEventListener("message",e,!1):window.attachEvent("onMessage",e))},document.body.appendChild(e)}()</script></body></html>

                                                                                                                                                                                                                          Chrome Cache Entry: 284

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (2203), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):2203
                                                                                                                                                                                                                          Entropy (8bit):5.032375230756419
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:11guMY69cQiSd07kl11guMY69cQiSd07kJsaQusWPyKrs:wnXf6QunXf6QkWPyL
                                                                                                                                                                                                                          MD5:2DDE014DB49303C0967B777EFE76ED85
                                                                                                                                                                                                                          SHA1:FB17DE6846C31A819862F8658A3A67D549654033
                                                                                                                                                                                                                          SHA-256:1F6DD5DF2452895743979DF19F48B23E800127CCCA3C50B11D496BE826668E13
                                                                                                                                                                                                                          SHA-512:102295821406277965C99942C11763473C8E93BE7628ED785729633D7A8AD49E11E4E70A61BCC3B0F4043865888B3C943469D1DF341E28846A2D2811733B617A
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1
                                                                                                                                                                                                                          Preview:!function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=29)}({29:function(e,t,n){"use strict";n.r(t)}}),function(e){var t={};function n(r){if(t[r])re

                                                                                                                                                                                                                          Chrome Cache Entry: 285

                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4186), with no line terminators
                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                          Size (bytes):4186
                                                                                                                                                                                                                          Entropy (8bit):4.923675414240059
                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                          SSDEEP:48:wFfAeWkkqEsKO+TBxaBIIj+NqUFQW76d7JrOv2bN:wueWkkrLoI7U
                                                                                                                                                                                                                          MD5:EA958276B7DE454BD3C2873F0DC47E5F
                                                                                                                                                                                                                          SHA1:B143F6E8E8F79D8F104C26B0057EF5514D763219
                                                                                                                                                                                                                          SHA-256:2E10D353FF038C2CAD3492FC17801AF3E6EF2669C9E9713BDB78B1DCB104C4FE
                                                                                                                                                                                                                          SHA-512:2D40A1E713355EFF88FA3BBF5471B4DB5ACC48FA2B978A555C034F2E5C7F131FCAF48E849D5D048DF9D5DAE068C4B6467A97B1DDE99115E6B32F57E928569FC1
                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                          URL:https://bitsum.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3
                                                                                                                                                                                                                          Preview:.mejs-container{clear:both;max-width:100%}.mejs-container *{font-family:Helvetica,Arial}.mejs-container,.mejs-container .mejs-controls,.mejs-embed,.mejs-embed body{background:#222}.mejs-time{font-weight:400;word-wrap:normal}.mejs-controls a.mejs-horizontal-volume-slider{display:table}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-time-rail .mejs-time-loaded{background:#fff}.mejs-controls .mejs-time-rail .mejs-time-current{background:#0073aa}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail .mejs-time-total{background:rgba(255,255,255,.33)}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail span{border-radius:0}.mejs-overlay-loading{background:0 0}.mejs-controls button:hover{border:none;-webkit-box-shadow:none;box-shadow:none}.me-cannotplay{width:au

                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                          Entropy (8bit):7.9598038783424885
                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                          File name:SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          File size:2'995'928 bytes
                                                                                                                                                                                                                          MD5:99f74d2572735bbacb8251a73e9cb312
                                                                                                                                                                                                                          SHA1:5a43d2e4314e32572d6399ec61175f42af567822
                                                                                                                                                                                                                          SHA256:b68bf709ac86ed32664e0e2ddd27da386281480979860e95240ced16f50fd926
                                                                                                                                                                                                                          SHA512:59f6952f97cca808bcca9b27f6c53b27765ead3f3ecd029efccef61ccc8d0a1d81a2567b2f635e98a67cb6c63492f3b61c0c8164798e170841e6a4c826f4b7a4
                                                                                                                                                                                                                          SSDEEP:49152:vILFsMqFOlvutlmPtjMwI6osgyxod2NTtrnDz2mu+Re8dVq1OTLsGG:vuYFuUoPtjPI6ngUSchf2rXZOPY
                                                                                                                                                                                                                          TLSH:C3D52302BBC586B3E61329334B604B25893CBD206F255CE767F96A0FEF631C19235796
                                                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............w...w...w..<.V..w..<.T..w..<.U..w....Z..w.......w.......w.......w....$..w....4..w...w...v.......w.......w....X..w.......w.

                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                          Icon Hash:1515d4d4442f2d2d

                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Entrypoint:0x420790
                                                                                                                                                                                                                          Entrypoint Section:.text
                                                                                                                                                                                                                          Digitally signed:true
                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                          DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                          Time Stamp:0x64C8CFB2 [Tue Aug 1 09:26:10 2023 UTC]
                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                          OS Version Major:5
                                                                                                                                                                                                                          OS Version Minor:1
                                                                                                                                                                                                                          File Version Major:5
                                                                                                                                                                                                                          File Version Minor:1
                                                                                                                                                                                                                          Subsystem Version Major:5
                                                                                                                                                                                                                          Subsystem Version Minor:1
                                                                                                                                                                                                                          Import Hash:0ae9e38912ff6bd742a1b9e5c003576a

                                                                                                                                                                                                                          Authenticode Signature

                                                                                                                                                                                                                          Signature Valid:true
                                                                                                                                                                                                                          Signature Issuer:CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US
                                                                                                                                                                                                                          Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                                          Error Number:0
                                                                                                                                                                                                                          Not Before, Not After
                                                                                                                                                                                                                          • 07/02/2023 00:00:00 08/03/2025 23:59:59
                                                                                                                                                                                                                          Subject Chain
                                                                                                                                                                                                                          • CN=Bitsum LLC, O=Bitsum LLC, L=Morristown, S=Tennessee, C=US, SERIALNUMBER=000681038, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Tennessee, OID.1.3.6.1.4.1.311.60.2.1.3=US
                                                                                                                                                                                                                          Version:3
                                                                                                                                                                                                                          Thumbprint MD5:FB9B0227584CEEB65B18E46C16D44130
                                                                                                                                                                                                                          Thumbprint SHA-1:D711D20586F0E0C654A9B0D3AA5EC9BC4295B5DC
                                                                                                                                                                                                                          Thumbprint SHA-256:B309179E6516E33D374264683B0751DB5F23B09E625FF0B6A4163DF28051D08C
                                                                                                                                                                                                                          Serial:0B494D7DF02097107B9065025133FE92

                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                          call 00007F5F3D3C7D6Bh
                                                                                                                                                                                                                          jmp 00007F5F3D3C771Dh
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          push 00423A90h
                                                                                                                                                                                                                          push dword ptr fs:[00000000h]
                                                                                                                                                                                                                          mov eax, dword ptr [esp+10h]
                                                                                                                                                                                                                          mov dword ptr [esp+10h], ebp
                                                                                                                                                                                                                          lea ebp, dword ptr [esp+10h]
                                                                                                                                                                                                                          sub esp, eax
                                                                                                                                                                                                                          push ebx
                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                          push edi
                                                                                                                                                                                                                          mov eax, dword ptr [004407A8h]
                                                                                                                                                                                                                          xor dword ptr [ebp-04h], eax
                                                                                                                                                                                                                          xor eax, ebp
                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                          mov dword ptr [ebp-18h], esp
                                                                                                                                                                                                                          push dword ptr [ebp-08h]
                                                                                                                                                                                                                          mov eax, dword ptr [ebp-04h]
                                                                                                                                                                                                                          mov dword ptr [ebp-04h], FFFFFFFEh
                                                                                                                                                                                                                          mov dword ptr [ebp-08h], eax
                                                                                                                                                                                                                          lea eax, dword ptr [ebp-10h]
                                                                                                                                                                                                                          mov dword ptr fs:[00000000h], eax
                                                                                                                                                                                                                          ret
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          mov ecx, dword ptr [ebp-10h]
                                                                                                                                                                                                                          mov dword ptr fs:[00000000h], ecx
                                                                                                                                                                                                                          pop ecx
                                                                                                                                                                                                                          pop edi
                                                                                                                                                                                                                          pop edi
                                                                                                                                                                                                                          pop esi
                                                                                                                                                                                                                          pop ebx
                                                                                                                                                                                                                          mov esp, ebp
                                                                                                                                                                                                                          pop ebp
                                                                                                                                                                                                                          push ecx
                                                                                                                                                                                                                          ret
                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                          sub esp, 0Ch
                                                                                                                                                                                                                          lea ecx, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                          call 00007F5F3D3BA5B1h
                                                                                                                                                                                                                          push 0043D14Ch
                                                                                                                                                                                                                          lea eax, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                          call 00007F5F3D3CA3C5h
                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                          jmp 00007F5F3D3CC298h
                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                          and dword ptr [00463D58h], 00000000h
                                                                                                                                                                                                                          sub esp, 24h
                                                                                                                                                                                                                          or dword ptr [004407A0h], 01h
                                                                                                                                                                                                                          push 0000000Ah
                                                                                                                                                                                                                          call dword ptr [004341C4h]
                                                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                                                          je 00007F5F3D3C7A52h
                                                                                                                                                                                                                          and dword ptr [ebp-10h], 00000000h
                                                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                                                          push ebx
                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                          push edi
                                                                                                                                                                                                                          xor ecx, ecx
                                                                                                                                                                                                                          lea edi, dword ptr [ebp-24h]

                                                                                                                                                                                                                          Rich Headers

                                                                                                                                                                                                                          Programming Language:
                                                                                                                                                                                                                          • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                          • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x3e3800x34.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x3e3b40x50.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x660000xdff8.rsrc
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x2d8d400x2998
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x740000x23dc.reloc
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x3c1b00x54.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x366a80x40.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x340000x278.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x3d85c0x120.rdata
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                          .text0x10000x32dcc0x32e00bf3082787caa3b02fd9d989022806d04False0.592286355958231data6.705330880207017IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                          .rdata0x340000xb1d00xb200ba53cf76fc539872e6fb32f5b59318a2False0.46025719803370785data5.269843738840559IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                          .data0x400000x247500x120063d51bc646ae841bb4737f86d3d78592False0.4058159722222222data4.083590987791496IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                          .didat0x650000x1a40x200deb77807258e64170eadd0d48c2f3f11False0.46484375data3.5190901598372837IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                          .rsrc0x660000xdff80xe000699399d7d2e63f9a36984a221fc02f75False0.6373465401785714data6.63871928699419IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                          .reloc0x740000x23dc0x2400e49afaf69d5cac6d9ffa2d43bc30363aFalse0.7861328125data6.67388754981222IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                          PNG0x666500xb45PNG image data, 93 x 302, 8-bit/color RGB, non-interlacedEnglishUnited States1.0027729636048528
                                                                                                                                                                                                                          PNG0x671980x15a9PNG image data, 186 x 604, 8-bit/color RGB, non-interlacedEnglishUnited States0.9363390441839495
                                                                                                                                                                                                                          RT_ICON0x687480x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.47832369942196534
                                                                                                                                                                                                                          RT_ICON0x68cb00x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.5410649819494585
                                                                                                                                                                                                                          RT_ICON0x695580xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, resolution 2834 x 2834 px/m, 256 important colorsEnglishUnited States0.4933368869936034
                                                                                                                                                                                                                          RT_ICON0x6a4000x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 2834 x 2834 px/mEnglishUnited States0.5390070921985816
                                                                                                                                                                                                                          RT_ICON0x6a8680x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 2834 x 2834 px/mEnglishUnited States0.41393058161350843
                                                                                                                                                                                                                          RT_ICON0x6b9100x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 2834 x 2834 px/mEnglishUnited States0.3479253112033195
                                                                                                                                                                                                                          RT_ICON0x6deb80x3d71PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9809269502193401
                                                                                                                                                                                                                          RT_DIALOG0x725880x286dataEnglishUnited States0.5092879256965944
                                                                                                                                                                                                                          RT_DIALOG0x723580x13adataEnglishUnited States0.60828025477707
                                                                                                                                                                                                                          RT_DIALOG0x724980xecdataEnglishUnited States0.6991525423728814
                                                                                                                                                                                                                          RT_DIALOG0x722280x12edataEnglishUnited States0.5927152317880795
                                                                                                                                                                                                                          RT_DIALOG0x71ef00x338dataEnglishUnited States0.45145631067961167
                                                                                                                                                                                                                          RT_DIALOG0x71c980x252dataEnglishUnited States0.5757575757575758
                                                                                                                                                                                                                          RT_STRING0x72f680x1e2dataEnglishUnited States0.3900414937759336
                                                                                                                                                                                                                          RT_STRING0x731500x1ccdataEnglishUnited States0.4282608695652174
                                                                                                                                                                                                                          RT_STRING0x733200x1b8dataEnglishUnited States0.45681818181818185
                                                                                                                                                                                                                          RT_STRING0x734d80x146dataEnglishUnited States0.5153374233128835
                                                                                                                                                                                                                          RT_STRING0x736200x46cdataEnglishUnited States0.3454063604240283
                                                                                                                                                                                                                          RT_STRING0x73a900x166dataEnglishUnited States0.49162011173184356
                                                                                                                                                                                                                          RT_STRING0x73bf80x152dataEnglishUnited States0.5059171597633136
                                                                                                                                                                                                                          RT_STRING0x73d500x10adataEnglishUnited States0.49624060150375937
                                                                                                                                                                                                                          RT_STRING0x73e600xbcdataEnglishUnited States0.6329787234042553
                                                                                                                                                                                                                          RT_STRING0x73f200xd6dataEnglishUnited States0.5747663551401869
                                                                                                                                                                                                                          RT_GROUP_ICON0x71c300x68dataEnglishUnited States0.7019230769230769
                                                                                                                                                                                                                          RT_MANIFEST0x728100x753XML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.3957333333333333

                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                          KERNEL32.dllGetLastError, SetLastError, FormatMessageW, GetCurrentProcess, DeviceIoControl, SetFileTime, CloseHandle, CreateDirectoryW, RemoveDirectoryW, CreateFileW, DeleteFileW, CreateHardLinkW, GetShortPathNameW, GetLongPathNameW, MoveFileW, GetFileType, GetStdHandle, WriteFile, ReadFile, FlushFileBuffers, SetEndOfFile, SetFilePointer, GetCurrentProcessId, SetFileAttributesW, GetFileAttributesW, FindClose, FindFirstFileW, FindNextFileW, InterlockedDecrement, GetVersionExW, GetCurrentDirectoryW, GetFullPathNameW, FoldStringW, GetModuleFileNameW, GetModuleHandleW, FindResourceW, FreeLibrary, GetProcAddress, ExitProcess, SetThreadExecutionState, Sleep, LoadLibraryW, GetSystemDirectoryW, CompareStringW, AllocConsole, FreeConsole, AttachConsole, WriteConsoleW, GetProcessAffinityMask, CreateThread, SetThreadPriority, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, SetEvent, ResetEvent, ReleaseSemaphore, WaitForSingleObject, CreateEventW, CreateSemaphoreW, GetSystemTime, SystemTimeToTzSpecificLocalTime, TzSpecificLocalTimeToSystemTime, SystemTimeToFileTime, FileTimeToLocalFileTime, LocalFileTimeToFileTime, FileTimeToSystemTime, GetCPInfo, IsDBCSLeadByte, MultiByteToWideChar, WideCharToMultiByte, GlobalAlloc, LockResource, GlobalLock, GlobalUnlock, GlobalFree, LoadResource, SizeofResource, SetCurrentDirectoryW, GetTimeFormatW, GetDateFormatW, LocalFree, GetExitCodeProcess, GetLocalTime, GetTickCount, MapViewOfFile, UnmapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetCommandLineW, SetEnvironmentVariableW, ExpandEnvironmentStringsW, GetTempPathW, MoveFileExW, GetLocaleInfoW, GetNumberFormatW, DecodePointer, SetFilePointerEx, GetConsoleMode, GetConsoleCP, HeapSize, SetStdHandle, GetProcessHeap, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetOEMCP, RaiseException, GetSystemInfo, VirtualProtect, VirtualQuery, LoadLibraryExA, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, TerminateProcess, RtlUnwind, EncodePointer, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, LoadLibraryExW, QueryPerformanceFrequency, GetModuleHandleExW, GetModuleFileNameA, GetACP, HeapFree, HeapReAlloc, HeapAlloc, GetStringTypeW, LCMapStringW, FindFirstFileExA, FindNextFileA, IsValidCodePage
                                                                                                                                                                                                                          OLEAUT32.dllSysAllocString, SysFreeString, VariantClear
                                                                                                                                                                                                                          gdiplus.dllGdipAlloc, GdipDisposeImage, GdipCloneImage, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateHBITMAPFromBitmap, GdiplusStartup, GdiplusShutdown, GdipFree

                                                                                                                                                                                                                          Possible Origin

                                                                                                                                                                                                                          Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                          EnglishUnited States

                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                          May 5, 2024 14:33:14.356122971 CEST192.168.2.41.1.1.10xcc69Standard query (0)bitsum.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:14.356527090 CEST192.168.2.41.1.1.10xacdfStandard query (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.928364038 CEST192.168.2.41.1.1.10xfafeStandard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.928518057 CEST192.168.2.41.1.1.10xe689Standard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.931969881 CEST192.168.2.41.1.1.10x5343Standard query (0)stats.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.932224035 CEST192.168.2.41.1.1.10x706aStandard query (0)stats.wp.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.932871103 CEST192.168.2.41.1.1.10xa9b2Standard query (0)v0.wordpress.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:15.932871103 CEST192.168.2.41.1.1.10xb7dStandard query (0)v0.wordpress.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.414642096 CEST192.168.2.41.1.1.10xde1cStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.414958000 CEST192.168.2.41.1.1.10x367dStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.172149897 CEST192.168.2.41.1.1.10x2505Standard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.172959089 CEST192.168.2.41.1.1.10xd51dStandard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.175331116 CEST192.168.2.41.1.1.10x7de8Standard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.175575018 CEST192.168.2.41.1.1.10x34d9Standard query (0)stats.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.588403940 CEST192.168.2.41.1.1.10xc487Standard query (0)bitsum.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.588676929 CEST192.168.2.41.1.1.10x5ef6Standard query (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:23.746623993 CEST192.168.2.41.1.1.10x328eStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:23.746803999 CEST192.168.2.41.1.1.10x601Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.633445024 CEST192.168.2.41.1.1.10x24b9Standard query (0)pixel.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.633856058 CEST192.168.2.41.1.1.10xf9dcStandard query (0)pixel.wp.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.634774923 CEST192.168.2.41.1.1.10xeb2cStandard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.635193110 CEST192.168.2.41.1.1.10x9de1Standard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:28.928416967 CEST192.168.2.41.1.1.10x81ffStandard query (0)pixel.wp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:28.928586960 CEST192.168.2.41.1.1.10x7fdfStandard query (0)pixel.wp.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.262279987 CEST192.168.2.41.1.1.10x36fStandard query (0)m.stripe.networkA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.262433052 CEST192.168.2.41.1.1.10x76fbStandard query (0)m.stripe.network65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.898909092 CEST192.168.2.41.1.1.10x9a3aStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.899266958 CEST192.168.2.41.1.1.10xab27Standard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.899816036 CEST192.168.2.41.1.1.10xeed5Standard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.899954081 CEST192.168.2.41.1.1.10x8e8dStandard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:38.722111940 CEST192.168.2.41.1.1.10xfe29Standard query (0)stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:38.722606897 CEST192.168.2.41.1.1.10x35d3Standard query (0)stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.049355984 CEST192.168.2.41.1.1.10xa956Standard query (0)js.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.049824953 CEST192.168.2.41.1.1.10x6c2fStandard query (0)js.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.050640106 CEST192.168.2.41.1.1.10x8ad1Standard query (0)v0.wordpress.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.050889015 CEST192.168.2.41.1.1.10x9912Standard query (0)v0.wordpress.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.479935884 CEST192.168.2.41.1.1.10xc7b9Standard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.480089903 CEST192.168.2.41.1.1.10xc3f0Standard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.570749044 CEST192.168.2.41.1.1.10x32dcStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.570924044 CEST192.168.2.41.1.1.10x37b7Standard query (0)m.stripe.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.574501991 CEST192.168.2.41.1.1.10x602dStandard query (0)m.stripe.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.574769020 CEST192.168.2.41.1.1.10xb2b0Standard query (0)m.stripe.com65IN (0x0001)false

                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                          May 5, 2024 14:33:14.451546907 CEST1.1.1.1192.168.2.40xacdfNo error (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:14.451666117 CEST1.1.1.1192.168.2.40xcc69No error (0)bitsum.com104.26.5.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:14.451666117 CEST1.1.1.1192.168.2.40xcc69No error (0)bitsum.com104.26.4.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:14.451666117 CEST1.1.1.1192.168.2.40xcc69No error (0)bitsum.com172.67.74.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.022154093 CEST1.1.1.1192.168.2.40xfafeNo error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.022154093 CEST1.1.1.1192.168.2.40xfafeNo error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.022154093 CEST1.1.1.1192.168.2.40xfafeNo error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.022154093 CEST1.1.1.1192.168.2.40xfafeNo error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.022154093 CEST1.1.1.1192.168.2.40xfafeNo error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.023472071 CEST1.1.1.1192.168.2.40xe689No error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.025136948 CEST1.1.1.1192.168.2.40x5343No error (0)stats.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.026156902 CEST1.1.1.1192.168.2.40xa9b2No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.026156902 CEST1.1.1.1192.168.2.40xa9b2No error (0)lb.wordpress.com192.0.78.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.026156902 CEST1.1.1.1192.168.2.40xa9b2No error (0)lb.wordpress.com192.0.78.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:16.027780056 CEST1.1.1.1192.168.2.40xb7dNo error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507092953 CEST1.1.1.1192.168.2.40xde1cNo error (0)www.google.com142.251.111.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:17.507740021 CEST1.1.1.1192.168.2.40x367dNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.265084028 CEST1.1.1.1192.168.2.40x2505No error (0)analytics.google.com142.251.16.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.266388893 CEST1.1.1.1192.168.2.40xd51dNo error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.267585039 CEST1.1.1.1192.168.2.40x7de8No error (0)stats.g.doubleclick.net142.251.111.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:18.267585039 CEST1.1.1.1192.168.2.40x7de8No error (0)stats.g.doubleclick.net142.251.111.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.682389021 CEST1.1.1.1192.168.2.40xc487No error (0)bitsum.com104.26.5.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.682389021 CEST1.1.1.1192.168.2.40xc487No error (0)bitsum.com104.26.4.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.682389021 CEST1.1.1.1192.168.2.40xc487No error (0)bitsum.com172.67.74.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:22.684062004 CEST1.1.1.1192.168.2.40x5ef6No error (0)bitsum.com65IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:23.838923931 CEST1.1.1.1192.168.2.40x328eNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.725395918 CEST1.1.1.1192.168.2.40x24b9No error (0)pixel.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730608940 CEST1.1.1.1192.168.2.40xeb2cNo error (0)js.stripe.comstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730608940 CEST1.1.1.1192.168.2.40xeb2cNo error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730608940 CEST1.1.1.1192.168.2.40xeb2cNo error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730608940 CEST1.1.1.1192.168.2.40xeb2cNo error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730608940 CEST1.1.1.1192.168.2.40xeb2cNo error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:27.730622053 CEST1.1.1.1192.168.2.40x9de1No error (0)js.stripe.comdexeqbeb7giwr.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.022505045 CEST1.1.1.1192.168.2.40x81ffNo error (0)pixel.wp.com192.0.76.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355503082 CEST1.1.1.1192.168.2.40x76fbNo error (0)m.stripe.networkd1tcqh4bio8cty.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355519056 CEST1.1.1.1192.168.2.40x36fNo error (0)m.stripe.networkstripecdn.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355519056 CEST1.1.1.1192.168.2.40x36fNo error (0)stripecdn.map.fastly.net151.101.128.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355519056 CEST1.1.1.1192.168.2.40x36fNo error (0)stripecdn.map.fastly.net151.101.0.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355519056 CEST1.1.1.1192.168.2.40x36fNo error (0)stripecdn.map.fastly.net151.101.64.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:29.355519056 CEST1.1.1.1192.168.2.40x36fNo error (0)stripecdn.map.fastly.net151.101.192.176A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com34.214.210.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com44.239.252.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com44.237.49.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com52.33.51.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:36.990967989 CEST1.1.1.1192.168.2.40x9a3aNo error (0)m.stripe.com54.213.45.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com34.214.210.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com34.213.9.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.235.71.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.229.0.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:37.993494987 CEST1.1.1.1192.168.2.40xeed5No error (0)m.stripe.com44.237.49.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:33:38.814835072 CEST1.1.1.1192.168.2.40xfe29No error (0)stripe.com198.202.176.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.142076969 CEST1.1.1.1192.168.2.40xa956No error (0)js.stripe.comdexeqbeb7giwr.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.142076969 CEST1.1.1.1192.168.2.40xa956No error (0)dexeqbeb7giwr.cloudfront.net18.238.49.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.142076969 CEST1.1.1.1192.168.2.40xa956No error (0)dexeqbeb7giwr.cloudfront.net18.238.49.31A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.142076969 CEST1.1.1.1192.168.2.40xa956No error (0)dexeqbeb7giwr.cloudfront.net18.238.49.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.142076969 CEST1.1.1.1192.168.2.40xa956No error (0)dexeqbeb7giwr.cloudfront.net18.238.49.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.143090963 CEST1.1.1.1192.168.2.40x6c2fNo error (0)js.stripe.comdexeqbeb7giwr.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.144602060 CEST1.1.1.1192.168.2.40x8ad1No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.144602060 CEST1.1.1.1192.168.2.40x8ad1No error (0)lb.wordpress.com192.0.78.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.144602060 CEST1.1.1.1192.168.2.40x8ad1No error (0)lb.wordpress.com192.0.78.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:16.145451069 CEST1.1.1.1192.168.2.40x9912No error (0)v0.wordpress.comlb.wordpress.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.573967934 CEST1.1.1.1192.168.2.40xc7b9No error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.573967934 CEST1.1.1.1192.168.2.40xc7b9No error (0)analytics-alv.google.com216.239.38.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.573967934 CEST1.1.1.1192.168.2.40xc7b9No error (0)analytics-alv.google.com216.239.36.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.573967934 CEST1.1.1.1192.168.2.40xc7b9No error (0)analytics-alv.google.com216.239.32.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:24.573967934 CEST1.1.1.1192.168.2.40xc7b9No error (0)analytics-alv.google.com216.239.34.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com44.229.0.33A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com54.213.45.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com34.213.9.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com44.235.71.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:38.663661957 CEST1.1.1.1192.168.2.40x32dcNo error (0)m.stripe.com34.214.210.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.237.131.121A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.235.71.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.237.49.162A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.238.18.217A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.229.164.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com34.213.9.49A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com34.214.210.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                          May 5, 2024 14:34:39.668028116 CEST1.1.1.1192.168.2.40x602dNo error (0)m.stripe.com44.240.201.86A (IP address)IN (0x0001)false

                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          0192.168.2.44973140.68.123.157443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:10 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A2tp3zbaFOOWXvO&MD=VZaYXHLT HTTP/1.1
                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                          2024-05-05 12:33:10 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                          MS-CorrelationId: cec94433-90ed-46ab-8a7e-ced64a1b9d5f
                                                                                                                                                                                                                          MS-RequestId: 3117179d-1767-4c87-8c82-e445980483af
                                                                                                                                                                                                                          MS-CV: 2jDlOYW9fEiy1Jqp.0
                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:09 GMT
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 24490
                                                                                                                                                                                                                          2024-05-05 12:33:10 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                          2024-05-05 12:33:10 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          1192.168.2.449737104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:14 UTC706OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1101INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:15 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; path=/
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ad8YJkp%2FBzCcBGx029A0QeJshs9yLUj%2F8OECPn5YqAkeo21lUbdJgE8vtdfMMkT9SWyPHjjJ9iaQbWpZTJMSIk4pNy2KEP%2B%2FMFZ3VfMxA%2Fn7kDNv%2FkkgAZCfK%2FA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c203ae0a597a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC268INData Raw: 37 62 36 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7b67<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d
                                                                                                                                                                                                                          Data Ascii: ontent="width=device-width, initial-scale=1" /><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67
                                                                                                                                                                                                                          Data Ascii: var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsig
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 09 09 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0a 0a 09 09 09 09 77 69 6e 64 6f 77 2e 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61
                                                                                                                                                                                                                          Data Ascii: window.dataLayer = window.dataLayer || [];window.MonsterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTra
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 69 6e 64 6f 77 2e 67 74 61 67 20 3d 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 3b 09 09 09 09 09 09 09 09 09 09 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 2f 2a 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: indow.gtag = __gtagTracker;(function () {/* https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 20 21 3d 3d 20 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: !== typeof arguments[2]) {hitObject = {'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 09 09 09 09 09 27 74 69 74 6c 65 27 3a 20 27 70 61 67 65 5f 74 69 74 6c 65 27 2c 0a 09 09 09 09 09 09 09 09 09 27 72 65 66 65 72 72 65 72 27 20 3a 20 27 70 61 67 65 5f 72 65 66 65 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'title': 'page_title','referrer' : 'page_referrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 7d 3b 0a 0a 09 09 09 09 66 6f 72 20 28 6d 61 70 49 6e 64 65 78 20 69 6e 20 66 69 65 6c 64 4d 61 70 29 20 7b 0a 09 09 09 09 09 69 66 20 28 75 61 49 74 65 6d 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70
                                                                                                                                                                                                                          Data Ascii: };for (mapIndex in fieldMap) {if (uaItem.hasOwnProperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[p
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 73 65 6c 65 63 74 5f 63 6f 6e 74 65 6e 74 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a
                                                                                                                                                                                                                          Data Ascii: htsDualTracker.trackers['select_content'] = function (parameters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC1369INData Raw: 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2e 64 61 74 61 29 29 3b 72 65 74 75 72 6e 20 74 2e 65 76 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38
                                                                                                                                                                                                                          Data Ascii: anvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud8


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          2192.168.2.449738104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:15 UTC703OUTGET /wp-includes/css/dist/block-library/style.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC764INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:16 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                          ETag: W/"426a8-1bae5-61533396ed7cc-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovFwJ75LqLsWSLByV6Cn663v9KBNsvWX6gm2Wh7q65NchaHnCR4yo1peiV0LKJpVVdhQQ4SNuR80%2FvsrbKp%2BZoc7Z8apGVrMYT2ZOJS7oraaaOiLgYlTQfOqrNI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c20ad87429be-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC605INData Raw: 37 63 62 37 0d 0a 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2e 77 70 2d 62 6c 6f 63 6b 2d 61 72 63 68 69 76 65 73 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 72 63 68 69 76 65 73 2d 64 72 6f 70 64 6f 77 6e 20 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 20 69 6d 67 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 76 61 74 61 72 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62
                                                                                                                                                                                                                          Data Ascii: 7cb7@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-b
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 29 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e 36 36 37 65 6d 20 2b 20 32 70 78 29 20 63 61 6c 63 28 31 2e 33 33 33 65 6d 20 2b 20 32 70 78 29 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5b 73 74 79 6c 65 2a 3d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 5d 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 69 6e 68 65 72 69 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74
                                                                                                                                                                                                                          Data Ascii: {text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-but
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 64 69 75 73 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 29 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 3b 70 61 64 64 69 6e 67 3a 2e 36 36 37 65 6d 20 31 2e 33 33 33 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 29 3a 6e 6f 74
                                                                                                                                                                                                                          Data Ascii: dius:0!important}.wp-block-button .wp-block-button__link:where(.is-style-outline),.wp-block-button:where(.is-style-outline)>.wp-block-button__link{border:2px solid;padding:.667em 1.333em}.wp-block-button .wp-block-button__link:where(.is-style-outline):not
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 6d 65 64 69 75 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 3a 6d 65 64 69 75 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 73 2e 69 73 2d 76 65 72 74 69 63 61 6c 7b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e
                                                                                                                                                                                                                          Data Ascii: m}.wp-block-button .wp-block-button__link:where([style*=border-bottom-style]){border-bottom-width:medium}.wp-block-button .wp-block-button__link:where([style*=border-left-style]){border-left-width:medium}.wp-block-buttons.is-vertical{flex-direction:column
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 6f 6e 3a 69 6e 68 65 72 69 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 73 2e 68 61 73 2d 63 75 73 74 6f 6d 2d 66 6f 6e 74 2d 73 69 7a 65 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 61 6c 69 67 6e 63 65 6e 74 65 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 20 74 64 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 20 74 68 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 3b 70 61 64 64 69 6e 67 3a 2e 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 61 6c 65 6e 64 61 72 20 74 68 7b 66
                                                                                                                                                                                                                          Data Ascii: on:inherit}.wp-block-buttons.has-custom-font-size .wp-block-button__link{font-size:inherit}.wp-block-button.aligncenter,.wp-block-calendar{text-align:center}.wp-block-calendar td,.wp-block-calendar th{border:1px solid;padding:.25em}.wp-block-calendar th{f
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 6d 73 3a 66 6c 65 78 2d 73 74 61 72 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 61 72 65 2d 76 65 72 74 69 63 61 6c 6c 79 2d 61 6c 69 67 6e 65 64 2d 63 65 6e 74 65 72 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 2e 61 72 65 2d 76 65 72 74 69 63 61 6c 6c 79 2d 61 6c 69 67 6e 65 64 2d 62 6f 74 74 6f 6d 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 66 6c 65 78 2d 65 6e 64 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 38 31 70 78 29 7b 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 73 3a 6e 6f 74 28 2e 69 73 2d 6e 6f 74 2d 73 74 61 63 6b 65 64 2d 6f 6e 2d 6d 6f 62 69 6c 65 29 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 7b 66 6c 65 78 2d 62 61 73 69 73 3a 31 30 30
                                                                                                                                                                                                                          Data Ascii: ms:flex-start}.wp-block-columns.are-vertically-aligned-center{align-items:center}.wp-block-columns.are-vertically-aligned-bottom{align-items:flex-end}@media (max-width:781px){.wp-block-columns:not(.is-not-stacked-on-mobile)>.wp-block-column{flex-basis:100
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 6e 61 76 69 67 61 74 69 6f 6e 3a 61 66 74 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 6c 69 73 74 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30
                                                                                                                                                                                                                          Data Ascii: border-box}.wp-block-post-comments .alignleft{float:left}.wp-block-post-comments .alignright{float:right}.wp-block-post-comments .navigation:after{clear:both;content:"";display:table}.wp-block-post-comments .commentlist{clear:both;list-style:none;margin:0
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 20 69 6e 70 75 74 3a 6e 6f 74 28 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 29 3a 6e 6f 74 28 5b 74 79 70 65 3d 63 68 65 63 6b 62 6f 78 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 20 74 65 78 74 61 72 65 61 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63 6f 6d 6d 65 6e 74 2d 66 6f 72 6d 2d 63 6f 6f 6b 69 65 73 2d 63 6f 6e 73 65 6e 74 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 67 61 70 3a 2e 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 63 6f 6d 6d 65 6e 74 73 20 2e 63
                                                                                                                                                                                                                          Data Ascii: omment-form input:not([type=submit]):not([type=checkbox]),.wp-block-post-comments .comment-form textarea{box-sizing:border-box;display:block;width:100%}.wp-block-post-comments .comment-form-cookies-consent{display:flex;gap:.25em}.wp-block-post-comments .c
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 2d 61 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 63 68 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6d 6d 65 6e 74 73 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 70 72 65 76 69 6f 75 73 2d 61 72 72 6f 77 3a 6e 6f 74 28 2e 69 73 2d 61 72 72 6f 77 2d 63 68 65 76 72 6f 6e 29 7b 74 72
                                                                                                                                                                                                                          Data Ascii: nation-previous:last-child{margin-right:0}.wp-block-comments-pagination .wp-block-comments-pagination-previous-arrow{display:inline-block;margin-right:1ch}.wp-block-comments-pagination .wp-block-comments-pagination-previous-arrow:not(.is-arrow-chevron){tr
                                                                                                                                                                                                                          2024-05-05 12:33:16 UTC1369INData Raw: 72 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d 61 67 65 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 5d 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 5d 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 20 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 64 69 6d 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 67 72 61 64 69 65 6e 74 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d 61 67 65 20 2e 68 61 73 2d 62 61
                                                                                                                                                                                                                          Data Ascii: r]),.wp-block-cover-image.has-background-dim:not([class*=-background-color]),.wp-block-cover.has-background-dim:not([class*=-background-color]){background-color:#000}.wp-block-cover .has-background-dim.has-background-gradient,.wp-block-cover-image .has-ba


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          3192.168.2.449747104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC690OUTGET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC782INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Thu, 10 Dec 2020 20:06:24 GMT
                                                                                                                                                                                                                          ETag: W/"4285f-2bf8-5b621b5daa0ab-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6948
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FA5eyWwJzpLGaVKoNBmky3x8Gh8srYvxSXFty6FIY%2B%2FjfVz%2BNudbyz8zOUvu3k%2FpKkhz%2FcpEY%2FEbsCsPVHN22UxRr1one0%2BHNv80yWYWJJgh1R9dyYBGlVlji4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2143d5f879a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC587INData Raw: 32 62 66 38 0d 0a 2e 6d 65 6a 73 2d 6f 66 66 73 63 72 65 65 6e 7b 62 6f 72 64 65 72 3a 30 3b 63 6c 69 70 3a 72 65 63 74 28 31 70 78 2c 31 70 78 2c 31 70 78 2c 31 70 78 29 3b 2d 77 65 62 6b 69 74 2d 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 63 6c 69 70 2d 70 61 74 68 3a 69 6e 73 65 74 28 35 30 25 29 3b 68 65 69 67 68 74 3a 31 70 78 3b 6d 61 72 67 69 6e 3a 2d 31 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 61 64 64 69 6e 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 70 78 3b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 48 65 6c 76 65 74 69 63 61
                                                                                                                                                                                                                          Data Ascii: 2bf8.mejs-offscreen{border:0;clip:rect(1px,1px,1px,1px);-webkit-clip-path:inset(50%);clip-path:inset(50%);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px;word-wrap:normal}.mejs-container{background:#000;font-family:Helvetica
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 2d 63 6f 6e 74 72 6f 6c 73 2d 73 74 61 72 74 2d 70 6c 61 79 62 61 63 6b 2d 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 66 69 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65
                                                                                                                                                                                                                          Data Ascii: -controls-start-playback-button{-webkit-appearance:none;display:none!important}.mejs-fill-container,.mejs-fill-container .mejs-container{height:100%;width:100%}.mejs-fill-container{background:transparent;margin:0 auto;overflow:hidden;position:relative}.me
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 65 78 3a 31 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 70 6c 61 79 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 2e 73 76 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2d 33 39 70 78 3b 68 65 69 67 68 74 3a 38 30 70 78 3b 77 69 64 74 68 3a 38 30 70 78 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 3a 68 6f 76 65 72 3e 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 38 30 70 78 20 2d 33 39 70 78 7d 2e 6d 65 6a 73 2d 6f 76 65 72 6c 61 79 2d 6c 6f 61 64 69 6e 67 7b 68 65 69 67 68
                                                                                                                                                                                                                          Data Ascii: ex:1}.mejs-overlay-play{cursor:pointer}.mejs-overlay-button{background:url(mejs-controls.svg) no-repeat;background-position:0 -39px;height:80px;width:80px}.mejs-overlay:hover>.mejs-overlay-button{background-position:-80px -39px}.mejs-overlay-loading{heigh
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 32 30 70 78 7d 2e 6d 65 6a 73 2d 62 75 74 74 6f 6e 3e 62 75 74 74 6f 6e 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 23 39 39 39 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 5b 72 6f 6c 65 3d 73 6c 69 64 65 72 5d 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 5b 72 6f 6c 65 3d 73 6c 69 64 65 72 5d 3a 66 6f 63 75 73 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 61 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62 6f 61 72 64 2d 69 6e 61 63 74 69 76 65 20 61 3a 66 6f 63 75 73 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2d 6b 65 79 62
                                                                                                                                                                                                                          Data Ascii: 20px}.mejs-button>button:focus{outline:1px dotted #999}.mejs-container-keyboard-inactive [role=slider],.mejs-container-keyboard-inactive [role=slider]:focus,.mejs-container-keyboard-inactive a,.mejs-container-keyboard-inactive a:focus,.mejs-container-keyb
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 2d 34 35 64 65 67 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 32 35 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 30 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 35 30 25 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 30 2c 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 34 29 20 37 35 25 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 30 2c 74 72 61 6e 73 70 61 72 65 6e 74 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 35 70 78 20 31 35 70 78 3b 77 69 64 74 68 3a 31 30 30 25 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 62 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 7d 74 6f 7b 62 61 63 6b 67 72 6f 75
                                                                                                                                                                                                                          Data Ascii: ;background:linear-gradient(-45deg,hsla(0,0%,100%,.4) 25%,transparent 0,transparent 50%,hsla(0,0%,100%,.4) 0,hsla(0,0%,100%,.4) 75%,transparent 0,transparent);background-size:15px 15px;width:100%}@-webkit-keyframes b{0%{background-position:0 0}to{backgrou
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 74 65 58 28 30 29 3b 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 30 29 3b 7a 2d 69 6e 64 65 78 3a 31 31 7d 2e 6d 65 6a 73 2d 74 69 6d 65 2d 68 61 6e 64 6c 65 2d 63 6f 6e 74 65 6e 74 7b 62 6f 72 64 65 72 3a 34 70 78 20 73 6f 6c 69 64 20 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 39 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 68 65 69 67 68 74 3a 31 30 70 78 3b 6c 65 66 74 3a 2d 37 70 78 3b 74 6f 70 3a 2d 34 70 78 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: teX(0);-ms-transform:translateX(0);transform:translateX(0);z-index:11}.mejs-time-handle-content{border:4px solid hsla(0,0%,100%,.9);border-radius:50%;height:10px;left:-7px;top:-4px;-webkit-transform:scale(0);-ms-transform:scale(0);transform:scale(0);width
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 6e 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 6d 75 74 65 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 36 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 75 6e 6d 75 74 65 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 34 30 70 78 20 30 7d 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 62 75 74 74 6f 6e 3e 2e 6d 65 6a 73 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 7b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 66 61 63 65 2d 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 62 61 63 6b 67 72 6f 75 6e 64
                                                                                                                                                                                                                          Data Ascii: n>button{background-position:-100px 0}.mejs-mute>button{background-position:-60px 0}.mejs-unmute>button{background-position:-40px 0}.mejs-volume-button{position:relative}.mejs-volume-button>.mejs-volume-slider{-webkit-backface-visibility:hidden;background
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 63 75 72 72 65 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 38 29 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 68 61 6e 64 6c 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 62 75 74 74 6f 6e 2c 2e 6d 65 6a 73 2d 63 68 61 70 74 65 72 73 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 62 75 74 74 6f 6e 3e 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f
                                                                                                                                                                                                                          Data Ascii: g:0;position:absolute}.mejs-horizontal-volume-current{background:hsla(0,0%,100%,.8);height:100%;top:0;width:100%}.mejs-horizontal-volume-handle{display:none}.mejs-captions-button,.mejs-chapters-button{position:relative}.mejs-captions-button>button{backgro
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1094INData Raw: 6f 61 74 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 3a 34 70 78 20 31 30 70 78 20 30 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 73 65 6c 65 63 74 65 64 2c 2e 6d 65 6a 73 2d 63 68 61 70 74 65 72 73 2d 73 65 6c 65 63 74 65 64 7b 63 6f 6c 6f 72 3a 23 32 31 66 38 66 38 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 74 72 61 6e 73 6c 61 74 69 6f 6e 73 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 35 70 78 7d 2e 6d 65 6a 73 2d 63 61 70 74 69 6f 6e 73 2d 6c 61 79 65 72 7b 62 6f 74 74 6f 6d 3a 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 65 66 74 3a 30 3b 6c
                                                                                                                                                                                                                          Data Ascii: oat:left;font-size:10px;line-height:15px;padding:4px 10px 0;width:100%}.mejs-captions-selected,.mejs-chapters-selected{color:#21f8f8}.mejs-captions-translations{font-size:10px;margin:0 0 5px}.mejs-captions-layer{bottom:0;color:#fff;font-size:16px;left:0;l
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          4192.168.2.449748104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC706OUTGET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC769INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 13 Nov 2019 00:35:29 GMT
                                                                                                                                                                                                                          ETag: W/"42866-105a-5972f8aadfb21-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLNCQLzmdk2iLG5jXw%2FxhXUyfJ6B%2FKc8KXK4BhPJ2vEdJkzQl3dvy7ZlNbdHqKqzf3IsaeUETzx5%2FVd0vBjHSG%2B9%2FOrMesSuoW2jlkP7lTPvxS39fmm9YdCHMbc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2143f9f07bf-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC600INData Raw: 31 30 35 61 0d 0a 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 20 2a 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 2c 2e 6d 65 6a 73 2d 65 6d 62 65 64 2c 2e 6d 65 6a 73 2d 65 6d 62 65 64 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 32 32 32 7d 2e 6d 65 6a 73 2d 74 69 6d 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 61 2e 6d 65 6a 73 2d 68 6f 72
                                                                                                                                                                                                                          Data Ascii: 105a.mejs-container{clear:both;max-width:100%}.mejs-container *{font-family:Helvetica,Arial}.mejs-container,.mejs-container .mejs-controls,.mejs-embed,.mejs-embed body{background:#222}.mejs-time{font-weight:400;word-wrap:normal}.mejs-controls a.mejs-hor
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 74 69 6d 65 2d 72 61 69 6c 20 2e 6d 65 6a 73 2d 74 69 6d 65 2d 74 6f 74 61 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 33 33 29 7d 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 63 75 72 72 65 6e 74 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 73 6c 69 64 65 72 20 2e 6d 65 6a 73 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 76 6f 6c 75 6d 65 2d 74 6f 74 61 6c 2c 2e 6d 65 6a 73 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6d 65 6a 73 2d 74 69 6d 65 2d 72 61 69 6c 20 73 70 61 6e 7b 62 6f 72 64 65
                                                                                                                                                                                                                          Data Ascii: time-rail .mejs-time-total{background:rgba(255,255,255,.33)}.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-current,.mejs-controls .mejs-horizontal-volume-slider .mejs-horizontal-volume-total,.mejs-controls .mejs-time-rail span{borde
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 2d 73 68 6f 72 74 63 6f 64 65 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 76 69 64 65 6f 2d 64 65 74 61 69 6c 73 20 2e 77 70 2d 76 69 64 65 6f 2d 68 6f 6c 64 65 72 7b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 34 30 70 78 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 6d 61 72 67 69 6e 3a 31 32 70 78 20 30 20 31 38 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2e 77 70 2d 61 64 6d 69 6e 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 7b 6d 61 72 67 69 6e 3a 30 20 30 20 31 38 70 78 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74
                                                                                                                                                                                                                          Data Ascii: -shortcode{max-width:100%;display:inline-block}.video-details .wp-video-holder{width:100%;max-width:640px}.wp-playlist{border:1px solid #ccc;padding:10px;margin:12px 0 18px;font-size:14px;line-height:1.5}.wp-admin .wp-playlist{margin:0 0 18px}.wp-playlist
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC856INData Raw: 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 69 74 65 6d 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 6c 69 67 68 74 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 33 33 33 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 64 61 72 6b 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 64 64 64 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 70 6c 61 79 69 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 37 66 37 66 37 7d 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d 6c 69 67 68 74 20 2e 77 70 2d 70 6c 61 79 6c 69 73 74 2d
                                                                                                                                                                                                                          Data Ascii: ottom:1px solid #ccc}.wp-playlist-item:last-child{border-bottom:0}.wp-playlist-light .wp-playlist-caption{color:#333}.wp-playlist-dark .wp-playlist-caption{color:#ddd}.wp-playlist-playing{font-weight:700;background:#f7f7f7}.wp-playlist-light .wp-playlist-
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          5192.168.2.449746104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC716OUTGET /wp-content/plugins/easy-digital-downloads-pro/includes/blocks/assets/css/edd-blocks.css?ver=3.2.12 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC763INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 20:18:13 GMT
                                                                                                                                                                                                                          ETag: W/"105f4c-126-61741f3f9dd14-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWU4ZWzxc73etlwI47zUrA30zxbhwZt8FCpzTldDFSawIL1PFt0ZNKlizmnlOtVwDA5lwBmzciAcCI35I4Kt%2Bni4Lb61PKOa3cJ9Sb96NikJRZ%2BLCb8KIPQmKIE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2143e4728a4-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC301INData Raw: 31 32 36 0d 0a 3a 72 6f 6f 74 20 7b 0a 09 2d 2d 65 64 64 2d 62 6c 6f 63 6b 73 2d 6c 69 67 68 74 2d 67 72 65 79 3a 20 23 65 65 65 3b 0a 7d 0a 0a 2e 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 20 7b 0a 09 62 6f 72 64 65 72 3a 20 30 3b 0a 09 63 6c 69 70 3a 20 72 65 63 74 28 31 70 78 2c 20 31 70 78 2c 20 31 70 78 2c 20 31 70 78 29 3b 0a 09 2d 77 65 62 6b 69 74 2d 63 6c 69 70 2d 70 61 74 68 3a 20 69 6e 73 65 74 28 35 30 25 29 3b 0a 09 63 6c 69 70 2d 70 61 74 68 3a 20 69 6e 73 65 74 28 35 30 25 29 3b 0a 09 68 65 69 67 68 74 3a 20 31 70 78 3b 0a 09 6d 61 72 67 69 6e 3a 20 2d 31 70 78 3b 0a 09 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 09 77
                                                                                                                                                                                                                          Data Ascii: 126:root {--edd-blocks-light-grey: #eee;}.screen-reader-text {border: 0;clip: rect(1px, 1px, 1px, 1px);-webkit-clip-path: inset(50%);clip-path: inset(50%);height: 1px;margin: -1px;overflow: hidden;padding: 0;position: absolute;w
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          6192.168.2.449745104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC716OUTGET /wp-content/plugins/bitsum-wp//css/edd-supplemental-styles.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC764INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 11 Mar 2024 16:07:31 GMT
                                                                                                                                                                                                                          ETag: W/"fef53-16c-61364bd276298-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXPVXaTo%2BlDH8li3SAlAoNoeVrZPSWWJ6HR%2BdCeaeAHQwl5cyhRNpkiDkVknL1XYhjh%2FsZBfis5AfxyjqwhF2S61hAU7mwEAN9jqv8d9c0Spr7J59m7sLfc4GqY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2143f1e2d18-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC371INData Raw: 31 36 63 0d 0a 2e 65 64 64 2d 70 72 69 63 65 2d 72 6f 77 20 7b 0d 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 0d 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 32 65 6d 3b 0d 0a 7d 0d 0a 0d 0a 2e 65 64 64 2d 70 72 69 63 65 2d 68 65 61 64 69 6e 67 20 7b 0d 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 7d 0d 0a 0d 0a 2e 65 64 64 2d 63 68 65 63 6b 6f 75 74 2d 73 74 72 69 6b 65 74 68 72 6f 75 67 68 2d 70 72 69 63 65 20 7b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6c 69 6e 65 2d 74 68 72 6f 75 67 68 3b 20 20 20 20 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 72 65 64 3b 0d 0a 7d 0d 0a 0d 0a 2e 65 64
                                                                                                                                                                                                                          Data Ascii: 16c.edd-price-row { text-align: center; font-size: 1.2em; line-height: 1.2em;}.edd-price-heading { text-align: center;}.edd-checkout-strikethrough-price { text-decoration: line-through; color: red;}.ed
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          7192.168.2.449750151.101.128.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC517OUTGET /v3/?ver=v3 HTTP/1.1
                                                                                                                                                                                                                          Host: js.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC626INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 617324
                                                                                                                                                                                                                          Last-Modified: Sat, 04 May 2024 04:29:46 GMT
                                                                                                                                                                                                                          ETag: "2692eab1e562bacee19ab5e8f3b0b448"
                                                                                                                                                                                                                          Cache-Control: max-age=60
                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                          strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                          server: Fastly
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Age: 89
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          X-Request-ID: 77c43641-d137-486b-adc7-b7d114b301c6
                                                                                                                                                                                                                          X-Served-By: cache-lga21938-LGA
                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 76 61 72 20 6e 3d 6f 5b 74 5d 3b 69 66 28 76 6f 69 64 20 30 21 3d 3d 6e 29 72 65 74 75 72 6e 20 6e 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 69 3d 6f 5b 74 5d 3d 7b 69 64 3a 74 2c 6c 6f 61 64 65 64 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 72 5b 74 5d 28 69 2c 69 2e 65 78 70 6f 72 74 73 2c 65 29 2c 69 2e 6c 6f 61 64 65 64 3d 21 30 2c 69 2e 65 78 70 6f 72 74 73 7d 76 61 72 20 74 2c 6e 2c 72 3d 7b 37 32 33 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 6c 2e 6c 65 6e 67 74 68 7c 7c 28 61 28 29 2c 21 30 29 2c 6c 5b 6c 2e 6c 65 6e 67 74 68 5d 3d 65 7d 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                          Data Ascii: !function(){function e(t){var n=o[t];if(void 0!==n)return n.exports;var i=o[t]={id:t,loaded:!1,exports:{}};return r[t](i,i.exports,e),i.loaded=!0,i.exports}var t,n,r={723:function(e,t,n){"use strict";function r(e){l.length||(a(),!0),l[l.length]=e}function
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 65 34 32 62 64 64 30 65 2e 73 76 67 22 7d 2c 36 36 32 38 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 65 2e 65 78 70 6f 72 74 73 3d 6e 2e 70 2b 22 66 69 6e 67 65 72 70 72 69 6e 74 65 64 2f 69 6d 67 2f 6e 6e 2d 65 66 30 64 61 34 62 33 36 31 34 32 63 32 38 37 31 38 61 64 32 34 62 61 65 64 63 35 38 34 35 33 2e 73 76 67 22 7d 2c 39 38 32 34 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 65 2e 65 78 70 6f 72 74 73 3d 6e 2e 70 2b 22 66 69 6e 67 65 72 70 72 69 6e 74 65 64 2f 69 6d 67 2f 72 61 62 6f 62 61 6e 6b 2d 64 63 35 31 38 37 65 38 34 31 33 34 31 39 39 37 35 66 64 61 39 61 37 32 61 30 38 63 32 35 61 33 2e 73 76 67 22 7d 2c 33 32 36 30 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 65 2e 65 78 70 6f 72 74 73 3d 6e 2e 70 2b 22 66 69 6e 67 65 72
                                                                                                                                                                                                                          Data Ascii: e42bdd0e.svg"},6628:function(e,t,n){e.exports=n.p+"fingerprinted/img/nn-ef0da4b36142c28718ad24baedc58453.svg"},9824:function(e,t,n){e.exports=n.p+"fingerprinted/img/rabobank-dc5187e8413419975fda9a72a08c25a3.svg"},3260:function(e,t,n){e.exports=n.p+"finger
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 65 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 69 66 28 21 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 6e 65 77 20 53 74 72 69 6e 67 28 22 61 62 63 22 29 3b 69 66 28 65 5b 35 5d 3d 22 64 65 22 2c 22 35 22 3d 3d 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 28 65 29 5b 30 5d 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 76 61 72 20 74 3d 7b 7d 2c 6e 3d 30 3b 6e 3c 31 30 3b 6e 2b 2b 29 74 5b 22 5f 22 2b 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 29 5d 3d 6e 3b 69 66 28 22 30 31 32 33 34 35 36 37 38 39 22 21 3d 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 28 74 29 2e 6d 61 70 28 28 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: e;e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map((funct
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 61 28 65 2c 74 29 7b 69 66 28 74 3d 3d 3d 65 29 72 65 74 75 72 6e 20 63 28 65 2c 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 41 20 70 72 6f 6d 69 73 65 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 73 6f 6c 76 65 64 20 77 69 74 68 20 69 74 73 65 6c 66 2e 22 29 29 3b 69 66 28 74 26 26 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 29 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 65 2e 74 68 65 6e 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 70 3d 65 2c 6d 7d 7d 28 74 29 3b 69 66 28 6e 3d 3d 3d 6d 29 72 65 74 75 72 6e 20 63 28 65 2c 70 29 3b 69 66 28 6e 3d 3d 3d 65 2e 74 68 65 6e 26 26 74 20 69 6e
                                                                                                                                                                                                                          Data Ascii: ,t)}function a(e,t){if(t===e)return c(e,new TypeError("A promise cannot be resolved with itself."));if(t&&("object"==typeof t||"function"==typeof t)){var n=function(e){try{return e.then}catch(e){return p=e,m}}(t);if(n===m)return c(e,p);if(n===e.then&&t in
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 69 64 20 30 3d 3d 3d 65 29 72 65 74 75 72 6e 20 73 3b 69 66 28 21 30 3d 3d 3d 65 29 72 65 74 75 72 6e 20 69 3b 69 66 28 21 31 3d 3d 3d 65 29 72 65 74 75 72 6e 20 61 3b 69 66 28 30 3d 3d 3d 65 29 72 65 74 75 72 6e 20 75 3b 69 66 28 22 22 3d 3d 3d 65 29 72 65 74 75 72 6e 20 6c 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 29 74 72 79 7b 76 61 72 20 74 3d 65 2e 74 68 65 6e 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 29 72 65 74 75 72 6e 20 6e 65 77 20 6f 28 74 2e 62 69 6e 64 28 65 29 29 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6f 28 28 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 6e 28 65 29 7d 29 29 7d 72 65 74 75 72 6e 20 72
                                                                                                                                                                                                                          Data Ascii: id 0===e)return s;if(!0===e)return i;if(!1===e)return a;if(0===e)return u;if(""===e)return l;if("object"==typeof e||"function"==typeof e)try{var t=e.then;if("function"==typeof t)return new o(t.bind(e))}catch(e){return new o((function(t,n){n(e)}))}return r
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 29 3b 72 65 74 75 72 6e 22 4d 69 6e 69 66 69 65 64 20 52 65 61 63 74 20 65 72 72 6f 72 20 23 22 2b 65 2b 22 3b 20 76 69 73 69 74 20 22 2b 74 2b 22 20 66 6f 72 20 74 68 65 20 66 75 6c 6c 20 6d 65 73 73 61 67 65 20 6f 72 20 75 73 65 20 74 68 65 20 6e 6f 6e 2d 6d 69 6e 69 66 69 65 64 20 64 65 76 20 65 6e 76 69 72 6f 6e 6d 65 6e 74 20 66 6f 72 20 66 75 6c 6c 20 65 72 72 6f 72 73 20 61 6e 64 20 61 64 64 69 74 69 6f 6e 61 6c 20 68 65 6c 70 66 75 6c 20 77 61 72 6e 69 6e 67 73 2e 22 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 74 2c 6e 29 7b 74 68 69 73 2e 70 72 6f 70 73 3d 65 2c 74 68 69 73 2e 63 6f 6e 74 65 78 74 3d 74 2c 74 68 69 73 2e 72 65 66 73 3d 4f 2c 74 68 69 73 2e
                                                                                                                                                                                                                          Data Ascii: encodeURIComponent(arguments[n]);return"Minified React error #"+e+"; visit "+t+" for the full message or use the non-minified dev environment for full errors and additional helpful warnings."}function o(e,t,n){this.props=e,this.context=t,this.refs=O,this.
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 22 22 3d 3d 3d 74 3f 22 2e 22 3a 74 2b 22 3a 22 2c 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 29 66 6f 72 28 76 61 72 20 63 3d 30 3b 63 3c 65 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 73 3d 74 2b 6d 28 69 3d 65 5b 63 5d 2c 63 29 3b 61 2b 3d 64 28 69 2c 73 2c 6e 2c 6f 29 7d 65 6c 73 65 20 69 66 28 6e 75 6c 6c 3d 3d 3d 65 7c 7c 22 6f 62 6a 65 63 74 22 21 3d 74 79 70 65 6f 66 20 65 3f 73 3d 6e 75 6c 6c 3a 73 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 73 3d 54 26 26 65 5b 54 5d 7c 7c 65 5b 22 40 40 69 74 65 72 61 74 6f 72 22 5d 29 3f 73 3a 6e 75 6c 6c 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 73 29 66 6f 72 28 65 3d 73 2e 63 61 6c 6c 28 65 29 2c 63 3d 30 3b 21 28 69 3d 65 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65
                                                                                                                                                                                                                          Data Ascii: ""===t?".":t+":",Array.isArray(e))for(var c=0;c<e.length;c++){var s=t+m(i=e[c],c);a+=d(i,s,n,o)}else if(null===e||"object"!=typeof e?s=null:s="function"==typeof(s=T&&e[T]||e["@@iterator"])?s:null,"function"==typeof s)for(e=s.call(e),c=0;!(i=e.next()).done
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 73 74 72 69 63 74 5f 6d 6f 64 65 22 29 3a 36 30 31 30 38 2c 50 3d 67 3f 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 70 72 6f 66 69 6c 65 72 22 29 3a 36 30 31 31 34 2c 45 3d 67 3f 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 70 72 6f 76 69 64 65 72 22 29 3a 36 30 31 30 39 2c 43 3d 67 3f 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 63 6f 6e 74 65 78 74 22 29 3a 36 30 31 31 30 2c 41 3d 67 3f 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 66 6f 72 77 61 72 64 5f 72 65 66 22 29 3a 36 30 31 31 32 2c 4e 3d 67 3f 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 73 75 73 70 65 6e 73 65 22 29 3a 36 30 31 31 33 3b 67 26 26 53 79 6d 62 6f 6c 2e 66 6f 72 28 22 72 65 61 63 74 2e 73 75 73 70
                                                                                                                                                                                                                          Data Ascii: l.for("react.strict_mode"):60108,P=g?Symbol.for("react.profiler"):60114,E=g?Symbol.for("react.provider"):60109,C=g?Symbol.for("react.context"):60110,A=g?Symbol.for("react.forward_ref"):60112,N=g?Symbol.for("react.suspense"):60113;g&&Symbol.for("react.susp
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 65 29 7b 76 61 72 20 74 3d 5b 5d 3b 72 65 74 75 72 6e 20 68 28 65 2c 74 2c 6e 75 6c 6c 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 29 29 2c 74 7d 2c 6f 6e 6c 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 73 28 65 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 72 28 31 34 33 29 29 3b 72 65 74 75 72 6e 20 65 7d 7d 2c 63 72 65 61 74 65 52 65 66 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 63 75 72 72 65 6e 74 3a 6e 75 6c 6c 7d 7d 2c 43 6f 6d 70 6f 6e 65 6e 74 3a 6f 2c 50 75 72 65 43 6f 6d 70 6f 6e 65 6e 74 3a 61 2c 63 72 65 61 74 65 43 6f 6e 74 65 78 74 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 74 26 26 28 74 3d 6e 75 6c 6c 29 2c 28 65 3d 7b 24 24 74 79 70 65 6f 66 3a
                                                                                                                                                                                                                          Data Ascii: e){var t=[];return h(e,t,null,(function(e){return e})),t},only:function(e){if(!s(e))throw Error(r(143));return e}},createRef:function(){return{current:null}},Component:o,PureComponent:a,createContext:function(e,t){return void 0===t&&(t=null),(e={$$typeof:
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1378INData Raw: 70 65 2e 64 65 66 61 75 6c 74 50 72 6f 70 73 29 76 61 72 20 73 3d 65 2e 74 79 70 65 2e 64 65 66 61 75 6c 74 50 72 6f 70 73 3b 66 6f 72 28 75 20 69 6e 20 74 29 4c 2e 63 61 6c 6c 28 74 2c 75 29 26 26 21 42 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 75 29 26 26 28 6f 5b 75 5d 3d 76 6f 69 64 20 30 3d 3d 3d 74 5b 75 5d 26 26 76 6f 69 64 20 30 21 3d 3d 73 3f 73 5b 75 5d 3a 74 5b 75 5d 29 7d 76 61 72 20 75 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2d 32 3b 69 66 28 31 3d 3d 3d 75 29 6f 2e 63 68 69 6c 64 72 65 6e 3d 6e 3b 65 6c 73 65 20 69 66 28 31 3c 75 29 7b 73 3d 41 72 72 61 79 28 75 29 3b 66 6f 72 28 76 61 72 20 6c 3d 30 3b 6c 3c 75 3b 6c 2b 2b 29 73 5b 6c 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6c 2b 32 5d 3b 6f 2e 63 68 69 6c 64 72 65 6e 3d 73 7d
                                                                                                                                                                                                                          Data Ascii: pe.defaultProps)var s=e.type.defaultProps;for(u in t)L.call(t,u)&&!B.hasOwnProperty(u)&&(o[u]=void 0===t[u]&&void 0!==s?s[u]:t[u])}var u=arguments.length-2;if(1===u)o.children=n;else if(1<u){s=Array(u);for(var l=0;l<u;l++)s[l]=arguments[l+2];o.children=s}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          8192.168.2.449744104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC698OUTGET /wp-content/plugins/theme-my-login/assets/styles/theme-my-login.min.css?ver=7.1.7 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 18 Mar 2024 16:01:32 GMT
                                                                                                                                                                                                                          ETag: W/"1073c1-48a-613f178ad7b65-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 3536
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZPSN0yI5BB04AWe5MB2APhiAHIxC%2B74yBSL4oAb4EDDhhgnWppPULpUVf8x%2FaMOevvnM47UgoSieRljt5EYvccjx5xvKMhNLaZhfprQNh9g6kwzW2%2FgUWhldQ0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2143c4b3988-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC597INData Raw: 34 38 61 0d 0a 2e 74 6d 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 74 6d 6c 20 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 66 69 65 6c 64 2d 77 72 61 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 2e 35 65 6d 20 30 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 63 68 65 63 6b 62 6f 78 2b 2e 74 6d 6c 2d 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 66 69 65 6c 64 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 64 65 73 63 72 69 70 74 69 6f 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e
                                                                                                                                                                                                                          Data Ascii: 48a.tml{font-size:1em}.tml *{box-sizing:border-box}.tml .tml-field-wrap{margin-bottom:1em}.tml .tml-label{display:block;margin:.5em 0}.tml .tml-checkbox+.tml-label{display:inline}.tml .tml-field{width:100%}.tml .tml-description{display:block;font-size:.
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC572INData Raw: 2d 63 6f 6c 6f 72 3a 23 64 63 33 32 33 32 7d 2e 74 6d 6c 20 2e 74 6d 6c 2d 61 63 74 69 6f 6e 2d 63 6f 6e 66 69 72 6d 61 63 74 69 6f 6e 20 2e 73 75 63 63 65 73 73 2c 2e 74 6d 6c 20 2e 74 6d 6c 2d 73 75 63 63 65 73 73 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 23 34 36 62 34 35 30 7d 23 70 61 73 73 2d 73 74 72 65 6e 67 74 68 2d 72 65 73 75 6c 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 65 65 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 63 6f 6c 6f 72 3a 23 32 33 32 38 32 64 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 6f 70 61 63 69 74 79 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 70 61 64 64 69 6e 67 3a 2e 35 65 6d 7d 23 70 61 73 73 2d 73 74 72 65 6e 67 74 68 2d 72 65 73 75
                                                                                                                                                                                                                          Data Ascii: -color:#dc3232}.tml .tml-action-confirmaction .success,.tml .tml-success{border-left-color:#46b450}#pass-strength-result{background-color:#eee;border:1px solid #ddd;color:#23282d;font-weight:700;opacity:0;margin-bottom:1em;padding:.5em}#pass-strength-resu
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          9192.168.2.449753104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC714OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.css?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC831INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 6964
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=9123
                                                                                                                                                                                                                          ETag: "1020ca-23a3-615c1f675be6a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 3536
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLV89Ui6K7ZuxNOMDMco8djRGkpAgtbzr8M1eSeYA4yqVkipvq22o3jj23Vli%2FtRxCEzUCu09z%2B0UppRg5Tv8Xuj6mJXHz2HPtXW4mOpTSmd4%2FIgbMt5unhKSxI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c216ed143932-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC538INData Raw: 23 66 61 6e 63 79 62 6f 78 2d 6c 6f 61 64 69 6e 67 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 30 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 32 30 70 78 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7a 2d 69 6e 64 65 78 3a 31 31 30 34 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 66 61 6e 63 79 62 6f 78 2d 6c 6f 61 64 69 6e 67 20 64 69 76 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 38 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d
                                                                                                                                                                                                                          Data Ascii: #fancybox-loading{position:fixed;top:50%;left:50%;width:40px;height:40px;margin-top:-20px;margin-left:-20px;cursor:pointer;overflow:hidden;z-index:1104;display:none}#fancybox-loading div{position:absolute;top:0;left:0;width:40px;height:480px;background-im
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 78 2d 6f 75 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 7d 23 66 61 6e 63 79 62 6f 78 2d 63 6f 6e 74 65 6e 74 7b 77 69 64 74 68 3a 30 3b 68 65 69 67 68 74 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7a 2d 69 6e 64 65 78 3a 31 31 30 32 3b 62 6f 72 64 65 72 3a 30 20 73 6f 6c 69 64 20 23 66 66 66 7d 23 66 61 6e 63 79 62 6f 78 2d 68 69 64 65 2d 73 65 6c 2d 66 72 61 6d 65 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30
                                                                                                                                                                                                                          Data Ascii: x-outer{position:relative;width:100%;height:100%;background:#fff}#fancybox-content{width:0;height:0;padding:0;outline:none;position:relative;overflow:hidden;z-index:1102;border:0 solid #fff}#fancybox-hide-sel-frame{position:absolute;top:0;left:0;width:100
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 78 7d 23 66 61 6e 63 79 62 6f 78 2d 72 69 67 68 74 3a 68 6f 76 65 72 20 73 70 61 6e 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 32 30 70 78 7d 2e 66 61 6e 63 79 62 6f 78 2d 62 67 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 62 6f 72 64 65 72 3a 30 3b 77 69 64 74 68 3a 32 30 70 78 3b 68 65 69 67 68 74 3a 32 30 70 78 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 31 7d 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 6e 7b 74 6f 70 3a 2d 32 30 70 78 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 66 61 6e 63 79 62 6f 78 2d 78 2e 70 6e 67 29 7d 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 6e 65 7b 74 6f 70 3a 2d 32 30 70 78 3b 72 69 67 68
                                                                                                                                                                                                                          Data Ascii: x}#fancybox-right:hover span{left:auto;right:20px}.fancybox-bg{position:absolute;padding:0;margin:0;border:0;width:20px;height:20px;z-index:1001}#fancybox-bg-n{top:-20px;left:0;width:100%;background-image:url(fancybox-x.png)}#fancybox-bg-ne{top:-20px;righ
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 6c 6f 61 74 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 30 3b 62 6f 74 74 6f 6d 3a 2d 32 30 70 78 3b 68 65 69 67 68 74 3a 33 32 70 78 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 77 72 61 70 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 3b 77 69 64 74 68 3a 61 75 74 6f 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 77 72 61 70 20 74 64 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 6c 65 66 74 7b 70 61 64 64 69 6e 67 3a 30 20 30 20 30 20 31 35 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 66 61 6e
                                                                                                                                                                                                                          Data Ascii: loat{position:absolute;left:0;bottom:-20px;height:32px}#fancybox-title-float-wrap{border:none;border-collapse:collapse;width:auto}#fancybox-title-float-wrap td{border:none;white-space:nowrap}#fancybox-title-float-left{padding:0 0 0 15px;background:url(fan
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 66 6c 6f 61 74 2d 6d 61 69 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 74 69 74 6c 65 5f 6d 61 69 6e 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f 78 2d 69 65 36 20 23 66 61 6e 63 79 62 6f 78 2d 74 69 74 6c 65 2d 66 6c 6f 61 74 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65
                                                                                                                                                                                                                          Data Ascii: float-main{background:0 0;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_title_main.png',sizingMethod='scale')}.fancybox-ie6 #fancybox-title-float-right{background:0 0;filter:progid:DXImageTransform.Microsoft.AlphaImageLoade
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC950INData Raw: 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 73 68 61 64 6f 77 5f 65 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f 78 2d 69 65 20 23 66 61 6e 63 79 62 6f 78 2d 62 67 2d 73 65 7b 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 49 6d 61 67 65 4c 6f 61 64 65 72 28 73 72 63 3d 27 66 61 6e 63 79 62 6f 78 2f 66 61 6e 63 79 5f 73 68 61 64 6f 77 5f 73 65 2e 70 6e 67 27 2c 73 69 7a 69 6e 67 4d 65 74 68 6f 64 3d 27 73 63 61 6c 65 27 29 7d 2e 66 61 6e 63 79 62 6f
                                                                                                                                                                                                                          Data Ascii: id:DXImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_shadow_e.png',sizingMethod='scale')}.fancybox-ie #fancybox-bg-se{filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='fancybox/fancy_shadow_se.png',sizingMethod='scale')}.fancybo


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          10192.168.2.449755104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC697OUTGET /wp-content/plugins/easy-digital-downloads-pro/assets/css/edd.min.css?ver=3.2.12 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 20:18:13 GMT
                                                                                                                                                                                                                          ETag: W/"105dfe-4b57-61741f3f96014-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 3536
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcWucmG5mjkqYfDhcn0bDHetSlH02P1hN2NczR8q7Nrbbbw7bbUkc%2F4Gw%2FNlZPIAh%2FoQn1Ie5j46v5dikd%2FSP4%2Fb0qzb%2FBYwT7ILC0OPqN3c2fCtlSB6OTx68ZI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2171b9e0801-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC590INData Raw: 34 62 35 37 0d 0a 2e 65 64 64 2d 69 63 6f 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 69 6c 6c 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 61 6e 69 6d 61 74 69 6f 6e 3a 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 20 32 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 7d 40 6b 65 79 66 72 61 6d 65 73 20 65 64 64 2d 69 63 6f 6e 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 2e
                                                                                                                                                                                                                          Data Ascii: 4b57.edd-icon{display:inline-block;fill:currentColor;position:relative;vertical-align:middle}.edd-icon-spin{display:inline-block;animation:edd-icon-spin 2s linear infinite}@keyframes edd-icon-spin{0%{transform:rotate(0deg)}to{transform:rotate(359deg)}}.
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 63 61 72 74 5f 68 65 61 64 65 72 5f 72 6f 77 20 74 68 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 66 61 66 61 3b 70 61 64 64 69 6e 67 3a 31 2e 33 38 37 65 6d 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 2e 65 64 64 5f 63 61 72 74 5f 64 69 73 63 6f 75 6e 74 5f 72 6f 77 20 74 68 2c 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 2e 65 64 64 5f 63 61 72 74 5f 74 61 78 5f 72 6f 77 20 74 68 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 74 68 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 63 61 72 74 20 74 64 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 35 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 62
                                                                                                                                                                                                                          Data Ascii: cart_header_row th{background:#fafafa;padding:1.387em}#edd_checkout_cart .edd_cart_discount_row th,#edd_checkout_cart .edd_cart_tax_row th{background:none}#edd_checkout_cart th{font-weight:700}#edd_checkout_cart td{line-height:25px;vertical-align:middle;b
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 34 30 30 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 6c 65 67 65 6e 64 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 30 25 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 72 65 6d 3b 70 61 64 64 69 6e 67 3a 30 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6c 69 6e 65 2d 68
                                                                                                                                                                                                                          Data Ascii: 400;text-decoration:none}#edd_checkout_form_wrap legend{display:block;font-size:120%;line-height:1;font-weight:700;width:100%;margin:0 0 1rem;padding:0;white-space:nowrap}#edd_checkout_form_wrap label{font-weight:700;display:block;position:relative;line-h
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 6c 3a 61 66 74 65 72 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 38 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 20 69 6d 67 2e 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 7b 6d 61 78 2d 68 65 69 67 68 74 3a 33 32 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 73 20 2e 70 61 79 6d 65 6e 74 2d 69 63 6f 6e 7b 6d 61 72 67 69 6e 3a 30 20 31 30 70 78 20 30 20 30 7d 23 65 64 64 5f 63 68 65 63 6b
                                                                                                                                                                                                                          Data Ascii: l:after{display:inline}#edd_checkout_form_wrap .edd-payment-icons{display:flex;margin:0 0 8px}#edd_checkout_form_wrap .edd-payment-icons img.payment-icon{max-height:32px}#edd_checkout_form_wrap .edd-payment-icons .payment-icon{margin:0 10px 0 0}#edd_check
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 63 61 72 74 2d 61 64 6a 75 73 74 6d 65 6e 74 20 69 6e 70 75 74 2e 65 64 64 2d 73 75 62 6d 69 74 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 2e 65 64 64 2d 63 61 72 74 2d 61 64 6a 75 73 74 6d 65 6e 74 20 69 6e 70 75 74 2e 65 64 64 2d 73 75 62 6d 69 74 7b 70 61 64 64 69 6e 67 3a 33 70 78 20 31 32 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 70 78 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 23 65 64 64 2d 64 69 73 63 6f 75 6e 74 2d 65 72 72 6f 72 2d 77 72 61 70 7b 77 69 64 74 68 3a 31 30 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b
                                                                                                                                                                                                                          Data Ascii: checkout_form_wrap .edd-cart-adjustment input.edd-submit{display:inline-block}#edd_checkout_form_wrap .edd-cart-adjustment input.edd-submit{padding:3px 12px;margin-bottom:2px}#edd_checkout_form_wrap #edd-discount-error-wrap{width:100%;display:inline-block
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 69 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 64 61 74 61 3a 69 6d 61 67 65 2f 73 76 67 2b 78 6d 6c 3b 63 68 61 72 73 65 74 3d 55 53 2d 41 53 43 49 49 2c 25 33 43 73 76 67 25 32 30 78 6d 6c 6e 73 25 33 44 25 32 32 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 77 33 2e 6f 72 67 25 32 46 32 30 30 30 25 32 46 73 76 67 25 32 32 25 32 30 66 69 6c 6c 25 33 44 25 32 32 6e 6f 6e 65 25 32 32 25 32 30 76 69 65 77 42 6f 78 25 33 44 25 32 32 30 25 32 30 30 25 32 30 32 34 25 32 30 32 34 25 32 32 25 32 30 73 74 72 6f 6b 65 2d 77 69 64 74 68 25 33 44 25 32 32 31 2e 35 25 32 32 25 32 30 73 74 72 6f 6b 65 25 33 44 25 32 32 67 72 65 65 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 70 61 74 68 25 32 30 73 74 72 6f 6b 65 2d 6c 69 6e
                                                                                                                                                                                                                          Data Ascii: id{background-image:url(data:image/svg+xml;charset=US-ASCII,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20fill%3D%22none%22%20viewBox%3D%220%200%2024%2024%22%20stroke-width%3D%221.5%22%20stroke%3D%22green%22%3E%0A%20%20%3Cpath%20stroke-lin
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6c 65 66 74 3a 2d 33 35 70 78 7d 2e 65 64 64 2d 73 75 62 6d 69 74 2e 62 75 74 74 6f 6e 2e 65 64 64 2d 61 6a 61 78 2d 6c 6f 61 64 69 6e 67 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 7d 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72 74 20 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72 74 2d 6c 61 62 65 6c 7b 6f 70 61 63 69 74 79 3a 31 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 31 30 30 29 7d 2e 65 64 64 2d 6c 6f 61 64 69 6e 67 2c 2e 65 64 64 2d 6c 6f 61 64 69 6e 67 3a 61 66 74 65 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 2e 35 65 6d 3b 68 65 69 67 68 74 3a 31 2e 35 65 6d 7d 2e 65 64 64 2d 6c
                                                                                                                                                                                                                          Data Ascii: position:relative;left:-35px}.edd-submit.button.edd-ajax-loading{padding-right:30px}.edd-add-to-cart .edd-add-to-cart-label{opacity:1;filter:alpha(opacity=100)}.edd-loading,.edd-loading:after{border-radius:50%;display:block;width:1.5em;height:1.5em}.edd-l
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC1369INData Raw: 64 64 2d 6c 6f 61 64 69 6e 67 7b 6f 70 61 63 69 74 79 3a 31 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 31 30 30 29 7d 2e 65 64 64 2d 63 61 72 74 2d 61 64 64 65 64 2d 61 6c 65 72 74 7b 63 6f 6c 6f 72 3a 23 35 36 37 36 32 32 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 65 64 64 5f 66 6f 72 6d 20 69 6e 70 75 74 2e 65 64 64 2d 69 6e 70 75 74 2e 72 65 71 75 69 72 65 64 2c 2e 65 64 64 5f 66 6f 72 6d 20 73 65 6c 65 63 74 2e 65 64 64 2d 73 65 6c 65 63 74 2e 72 65 71 75 69 72 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 62 6f 64 79 2e 65 64 64 5f 72 65 63 65 69 70 74 5f 70 61 67 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 31 34 31 34 31 32
                                                                                                                                                                                                                          Data Ascii: dd-loading{opacity:1;filter:alpha(opacity=100)}.edd-cart-added-alert{color:#567622;display:block;position:absolute}.edd_form input.edd-input.required,.edd_form select.edd-select.required{color:#000}body.edd_receipt_page{background-color:#fff;color:#141412
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6e 74 5f 73 74 61 74 75 73 2e 70 65 6e 64 69 6e 67 2c 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 20 2e 65 64 64 5f 72 65 63 65 69 70 74 5f 70 61 79 6d 65 6e 74 5f 73 74 61 74 75 73 2e 72 65 76 6f 6b 65 64 7b 63 6f 6c 6f 72 3a 23 66 37 33 66 32 65 7d 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 70 72 6f 64 75 63 74 73 20 6c 69 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 20 30 20 38 70 78 20 31 30 70 78 7d 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 70 72 6f 64 75 63 74 73 20 75 6c 2e 65 64 64 5f 70 75 72 63 68 61 73 65 5f 72 65 63 65 69 70 74 5f 66 69 6c 65 73 2c 74 61 62 6c 65 23 65 64 64 5f 70 75 72 63 68 61 73 65 5f
                                                                                                                                                                                                                          Data Ascii: nt_status.pending,table#edd_purchase_receipt .edd_receipt_payment_status.revoked{color:#f73f2e}table#edd_purchase_receipt_products li{list-style:none;margin:0 0 8px 10px}table#edd_purchase_receipt_products ul.edd_purchase_receipt_files,table#edd_purchase_
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 69 6e 70 75 74 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 6f 72 6d 20 6c 61 62 65 6c 2c 23 65 64 64 5f 72 65 67 69 73 74 65 72 5f 66 6f 72 6d 20 6c 61 62 65 6c 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 23 65 64 64 5f 70 72 6f 66 69 6c 65 5f 65 64 69 74 6f 72 5f 66 6f 72 6d 20 2e 65 64 64 2d 70 72 6f 66 69 6c 65 2d 65 6d 61 69 6c 73 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 64 69
                                                                                                                                                                                                                          Data Ascii: input{box-sizing:border-box}#edd_login_form label,#edd_register_form label{cursor:pointer}#edd_profile_editor_form p{margin-bottom:8px}#edd_profile_editor_form label{display:inline-block}#edd_profile_editor_form .edd-profile-emails{list-style-type:none;di


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          11192.168.2.449754104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC692OUTGET /wp-content/plugins/edd-software-licensing/assets/css/edd-sl.css?ver=3.8.11 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 1746
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=1747
                                                                                                                                                                                                                          ETag: "ff698-6d3-60b858a61d46f-gzip"
                                                                                                                                                                                                                          Last-Modified: Sat, 02 Dec 2023 11:54:00 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 848
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGl%2BBu7%2Bztucqf2UGiiv04Al6U5C1jW3EQdmpVI7afyK2vNJbaDLUz0Aq%2FVJe0hcNbHgJFVb9DzodFIQ0QGIILDhlUvGV3nOd3MC2cwmJnqH5bQ2IE8oVfPXyUE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21789717fdc-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC541INData Raw: 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 67 72 65 65 6e 7d 2e 65 64 64 2d 73 6c 2d 69 6e 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 67 72 61 79 7d 2e 65 64 64 2d 73 6c 2d 65 78 70 69 72 65 64 7b 63 6f 6c 6f 72 3a 23 64 63 33 32 33 32 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 2e 76 69 65 77 2d 6b 65 79 2d 77 72 61 70 70 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 69 6e 70 75 74 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 6b 65 79 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b
                                                                                                                                                                                                                          Data Ascii: .edd-sl-active{color:green}.edd-sl-inactive{color:gray}.edd-sl-expired{color:#dc3232}.edd_sl_license_row .view-key-wrapper{position:relative}.edd_sl_license_row input.edd_sl_license_key{border:none;cursor:pointer;display:block;margin:8px 0 0;outline:none;
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1205INData Raw: 74 6f 7d 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 2d 6c 69 63 65 6e 73 65 73 20 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 6b 65 79 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 7d 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 2e 65 64 64 5f 73 6c 5f 6c 69 63 65 6e 73 65 5f 72 6f 77 20 2e 65 64 64 2d 73 6c 2d 63 68 69 6c 64 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 23 65 64 64 5f 63 68 65 63 6b 6f 75 74 5f 66 6f 72 6d 5f 77 72 61 70 20 66 69 65 6c 64 73 65 74 23 65 64 64 5f 73 6c 5f 72 65 6e 65 77 61 6c 5f 66 69 65 6c 64 73 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 66 61 66 61 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 65 65 65 3b 70 61 64 64 69 6e 67 3a 31 2e 33 38 37 65 6d
                                                                                                                                                                                                                          Data Ascii: to}.edd-sl-child-licenses .edd_sl_license_key{margin-top:0}.edd-sl-child{margin-bottom:8px}.edd_sl_license_row .edd-sl-child span{display:block}#edd_checkout_form_wrap fieldset#edd_sl_renewal_fields{background:#fafafa;border:1px solid #eee;padding:1.387em


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          12192.168.2.449758104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC697OUTGET /wp-content/plugins/edd-multi-currency/assets/build/style-frontend.css?ver=1.1.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 126
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=127
                                                                                                                                                                                                                          ETag: "ff5bc-7f-60b858a34a9a2-gzip"
                                                                                                                                                                                                                          Last-Modified: Sat, 02 Dec 2023 11:53:57 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6040
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zHfbw0x3dTQcDBCpfcaOAGXmxfqi9eKiNKcC1E7RPHQqmnWhAKSTYXKd0zb2LFT%2Bbho4bH0mpYdxfjeiF4OMEB3yEHc0zAmMTwtSNuEKU7vbrrF4CLDaq2DkYE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21789416fd7-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC126INData Raw: 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 73 65 6c 65 63 74 6f 72 2d 62 75 74 74 6f 6e 73 20 66 6f 72 6d 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 77 72 61 70 3a 77 72 61 70 3b 67 61 70 3a 35 70 78 7d 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 62 75 74 74 6f 6e 2d 2d 73 65 6c 65 63 74 65 64 7b 6f 70 61 63 69 74 79 3a 2e 36 7d
                                                                                                                                                                                                                          Data Ascii: .edd-multi-currency-selector-buttons form{display:flex;flex-wrap:wrap;gap:5px}.edd-multi-currency-button--selected{opacity:.6}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          13192.168.2.449756104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC683OUTGET /wp-content/plugins/edd-recurring/assets/css/styles.css?ver=2.12.3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 223
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=255
                                                                                                                                                                                                                          ETag: "ff71a-ff-615e2e3975a0c-gzip"
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:05 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 3537
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FKE%2BTGXckP23pnPDqj3fsVSAaXif3rYNqKD30ZfGgXVko64hj7bRnpq9NlUmAbDER0%2B3JhLCg0xGe4Gk8pFJE7S1FzuckIQBA5o%2F1ZGmNtlGrv7QWrdKvMzTn8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2178ff83937-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC223INData Raw: 2e 65 64 64 72 2d 6e 6f 74 69 63 65 7b 6d 61 72 67 69 6e 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 65 64 64 72 2d 6e 6f 74 69 63 65 2e 76 61 72 69 61 62 6c 65 2d 70 72 69 63 65 73 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 65 64 64 72 2d 63 61 72 74 2d 69 74 65 6d 2d 6e 6f 74 69 63 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 35 65 6d 7d 2e 65 64 64 2d 72 65 63 75 72 72 69 6e 67 2d 66 61 69 6c 65 64 2d 6c 69 73 74 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 7d
                                                                                                                                                                                                                          Data Ascii: .eddr-notice{margin:0;text-align:center}.eddr-notice.variable-prices{text-align:left}.eddr-cart-item-notice{text-align:left;font-size:.75em}.edd-recurring-failed-list span{display:block;padding-left:15px;padding-bottom:5px}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          14192.168.2.449757104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:17 UTC671OUTGET /wp-content/themes/meminz/css/plugins.css?ver=20240503 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC838INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 250919
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=282080
                                                                                                                                                                                                                          ETag: "103a33-44de0-6178fc0c25763-gzip"
                                                                                                                                                                                                                          Last-Modified: Fri, 03 May 2024 17:07:21 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6495
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhYCUDpTBuD3OOmxkkpiZGHYo4X7QttR57Enc2KlPjae1hW1EcyN9lwEXIY%2B%2FaQ78dw6qbyiBxqjzwsTJlv7Y1%2FHuPzMt%2FEb4dUyPbUX1TplbOYPggCmre7kYds%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2179db63891-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC531INData Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 36 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 35 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 2a 2f 2f 2a 21 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 2a 2f 68 74
                                                                                                                                                                                                                          Data Ascii: @charset "UTF-8";/*!* Bootstrap v3.3.6 (http://getbootstrap.com)* Copyright 2011-2015 Twitter, Inc.* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*//*!normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css*/ht
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 64 69 6f 3a 6e 6f 74 28 5b 63 6f 6e 74 72 6f 6c 73 5d 29 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 30 7d 5b 68 69 64 64 65 6e 5d 2c 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 61 3a 61 63 74 69 76 65 2c 61 3a 68 6f 76 65 72 7b 6f 75 74 6c 69 6e 65 3a 30 7d 61 62 62 72 5b 74 69 74 6c 65 5d 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 64 6f 74 74 65 64 7d 62 2c 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 64 66 6e 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 68 31 7b 6d 61 72 67 69 6e 3a 2e 36 37 65 6d 20 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 6d 61 72 6b 7b 63 6f 6c
                                                                                                                                                                                                                          Data Ascii: dio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{col
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6f 78 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 63 61 6e 63 65 6c 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 36 32 35 65 6d 20 2e 37 35 65 6d 3b 6d 61 72 67 69 6e 3a 30 20 32 70 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 73 69 6c 76 65 72 7d 6c 65 67 65 6e 64 7b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 3a 30 7d 74 65 78 74 61
                                                                                                                                                                                                                          Data Ascii: ox;-webkit-appearance:textfield}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}fieldset{padding:.35em .625em .75em;margin:0 2px;border:1px solid silver}legend{padding:0;border:0}texta
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6c 61 72 2e 65 6f 74 29 3b 73 72 63 3a 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 65 6f 74 3f 23 69 65 66 69 78 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67
                                                                                                                                                                                                                          Data Ascii: lar.eot);src:url(../fonts/glyphicons-halflings-regular.eot?#iefix) format('embedded-opentype'),url(../fonts/glyphicons-halflings-regular.woff2) format('woff2'),url(../fonts/glyphicons-halflings-regular.woff) format('woff'),url(../fonts/glyphicons-halfling
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 65 30 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 6f 75 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 69 67 6e 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 39 22 7d 2e 67 6c 79 70 68
                                                                                                                                                                                                                          Data Ascii: e013"}.glyphicon-remove:before{content:"\e014"}.glyphicon-zoom-in:before{content:"\e015"}.glyphicon-zoom-out:before{content:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:before{content:"\e018"}.glyphicon-cog:before{content:"\e019"}.glyph
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6e 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 62 6f 6c 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 69 74 61 6c 69 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 68 65 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 77 69 64 74 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 32 22 7d
                                                                                                                                                                                                                          Data Ascii: .glyphicon-font:before{content:"\e047"}.glyphicon-bold:before{content:"\e048"}.glyphicon-italic:before{content:"\e049"}.glyphicon-text-height:before{content:"\e050"}.glyphicon-text-width:before{content:"\e051"}.glyphicon-align-left:before{content:"\e052"}
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 74 65 6e 74 3a 22 5c 65 30 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 6c 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 69 6e 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 71 75 65 73 74 69
                                                                                                                                                                                                                          Data Ascii: tent:"\e079"}.glyphicon-chevron-right:before{content:"\e080"}.glyphicon-plus-sign:before{content:"\e081"}.glyphicon-minus-sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e083"}.glyphicon-ok-sign:before{content:"\e084"}.glyphicon-questi
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 74 65 6e 74 3a 22 5c 65 31 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 74 77 65 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 63 61 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 63 6c 6f 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72
                                                                                                                                                                                                                          Data Ascii: tent:"\e113"}.glyphicon-chevron-down:before{content:"\e114"}.glyphicon-retweet:before{content:"\e115"}.glyphicon-shopping-cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\e117"}.glyphicon-folder-open:before{content:"\e118"}.glyphicon-r
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 67 6c 79 70 68 69 63 6f 6e 2d 6c 69 6e 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 68 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 75 73 68 70 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 75 73 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 67 62 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 61
                                                                                                                                                                                                                          Data Ascii: glyphicon-link:before{content:"\e144"}.glyphicon-phone:before{content:"\e145"}.glyphicon-pushpin:before{content:"\e146"}.glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e149"}.glyphicon-sort:before{content:"\e150"}.glyphicon-sort-by-a
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 70 68 69 63 6f 6e 2d 66 6c 6f 70 70 79 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 72 65 64 69 74 2d 63 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 72 61 6e 73 66 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 75 74 6c 65 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 65 61 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 38 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 6d 70 72 65 73 73 65 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31
                                                                                                                                                                                                                          Data Ascii: phicon-floppy-open:before{content:"\e176"}.glyphicon-credit-card:before{content:"\e177"}.glyphicon-transfer:before{content:"\e178"}.glyphicon-cutlery:before{content:"\e179"}.glyphicon-header:before{content:"\e180"}.glyphicon-compressed:before{content:"\e1


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          15192.168.2.449759104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC666OUTGET /wp-content/themes/meminz/style.css?ver=202306092 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC833INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 22480
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=29576
                                                                                                                                                                                                                          ETag: "103a23-7388-5fdb385c72331-gzip"
                                                                                                                                                                                                                          Last-Modified: Fri, 09 Jun 2023 14:52:48 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2338
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQInqfEGpvEJG2TXOurkhCLAaucJDPcXzeqejAvf%2BOaKKKNceuCom8tgJijGs6TWRxiDe2xuNlm4gW1XDA2L8uQvQe45yMaFb9IjobOm%2FeKaxaunPMiZe0kS%2F3M%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21a1ba93b2f-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC536INData Raw: 2e 77 70 2d 63 61 70 74 69 6f 6e 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 77 70 2d 63 61 70 74 69 6f 6e 2d 74 65 78 74 7b 7d 2e 77 70 2d 63 61 70 74 69 6f 6e 20 69 6d 67 7b 7d 2e 67 61 6c 6c 65 72 79 2d 63 61 70 74 69 6f 6e 7b 7d 2e 62 79 70 6f 73 74 61 75 74 68 6f 72 7b 7d 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 61 6c 69 67 6e 6c 65 66 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 61 6c 69 67 6e 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 61 73 69 64 65 3e 2e 77 69 64 67 65 74 20 2a 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 7d 23 77 70 2d 63 61 6c 65 6e 64 61 72 7b 77 69 64 74 68 3a 31 30 30 25 7d 23 77 70 2d 63 61
                                                                                                                                                                                                                          Data Ascii: .wp-caption{max-width:100%}.wp-caption-text{}.wp-caption img{}.gallery-caption{}.bypostauthor{}.aligncenter{text-align:center}.alignleft{text-align:left}.alignright{text-align:right}aside>.widget *{max-width:100%;height:auto}#wp-calendar{width:100%}#wp-ca
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 67 3a 31 30 70 78 7d 2e 73 74 69 63 6b 79 3e 61 72 74 69 63 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 6d 62 2d 31 35 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 35 70 78 7d 2e 77 69 64 67 65 74 5f 61 72 63 68 69 76 65 20 73 65 6c 65 63 74 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 70 61 67 65 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 34 32 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 33 33 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 32 65 6d 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 31 70 78 20 31 70 78 20 31 70 78 20 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 65 64 65 64 65 64 20 23 65 64 65 64 65 64 20 23
                                                                                                                                                                                                                          Data Ascii: g:10px}.sticky>article{background-color:transparent}.mb-15{margin-bottom:15px}.widget_archive select{width:100%}.page-title{font-size:42px;line-height:48px;margin-bottom:.33em;margin-top:.2em}table{border-width:1px 1px 1px 0;border-color:#ededed #ededed #
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 62 67 20 2e 68 6f 6d 65 2d 63 6f 6e 74 61 69 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 7d 2e 76 69 64 65 6f 2d 77 72 61 70 70 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 70 61 64 64 69 6e 67 3a 31 36 30 70 78 20 30 20 30 3b 6d 61 72 67 69 6e 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 30 7d 2e 68 6f 6d 65 2d 73 6c 69 64 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 34 30 70 78 20 30 20 2d 33 32 35 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 6c 69 64 65 72 2d 77 72 61 70 70 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6f 76 65 72 66 6c 6f
                                                                                                                                                                                                                          Data Ascii: bg .home-contain{background:0 0}.video-wrapper{color:#fff;padding:160px 0 0;margin:0;width:100%;height:100%;z-index:0}.home-slider{position:relative;float:left;width:100%;height:auto;margin:40px 0 -325px!important}.slider-wrapper{position:absolute;overflo
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 34 38 70 78 3b 68 65 69 67 68 74 3a 32 32 70 78 3b 7a 2d 69 6e 64 65 78 3a 32 3b 62 6f 74 74 6f 6d 3a 2d 32 32 70 78 3b 72 69 67 68 74 3a 31 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 68 35 2c 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 2e 61 75 74 68 6f 72 2d 69 6e 66 6f 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 74 65 73 74 69 6d 6f 6e 69 2d 61 75 74 68 6f 72 20 69 6d 67 7b
                                                                                                                                                                                                                          Data Ascii: ion:absolute;width:48px;height:22px;z-index:2;bottom:-22px;right:15px}.testimoni-author{float:right;text-align:right}.testimoni-author h5,.testimoni-author p{margin-bottom:5px}.testimoni-author .author-info{float:left;margin-top:5px}.testimoni-author img{
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 63 65 6e 74 65 72 7d 2e 70 72 69 63 69 6e 67 2d 77 72 61 70 70 65 72 20 75 6c 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 69 6d 67 2f 70 72 69 63 69 6e 67 2d 6c 69 6e 65 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 62 6f 74 74 6f 6d 20 63 65 6e 74 65 72 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 38 70 78 7d 2e 70 72 69 63 69 6e 67 2d 77 72 61 70 70 65 72 20 75 6c 20 6c 69 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e
                                                                                                                                                                                                                          Data Ascii: center}.pricing-wrapper ul li{background:url(img/pricing-line.png) no-repeat bottom center;float:left;width:100%;list-style:none;margin:0;padding:20px;font-size:18px;line-height:18px}.pricing-wrapper ul li strong{font-weight:700;text-transform:uppercase}.
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 7d 75 6c 2e 6c 69 73 74 46 6f 72 6d 20 6c 69 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 34 29 7d 75 6c 2e 6c 69 73 74 46 6f 72 6d 20 6c 69 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 34 29 3b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 36 29 3b 68 65 69 67 68 74 3a 35 30 70 78 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 20 32 35 70 78 20 31 30 70 78 20 38 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: }ul.listForm li .form-control::-webkit-input-placeholder{color:rgba(255,255,255,.4)}ul.listForm li .form-control{border:2px solid rgba(255,255,255,.4);color:rgba(255,255,255,.6);height:50px;padding:10px 25px 10px 80px;background:0 0;-webkit-box-shadow:non
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 73 65 63 2c 23 64 6f 77 6e 6c 6f 61 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 69 6d 67 2f 62 67 33 2e 6a 70 67 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 61 74 74 61 63 68 6d 65 6e 74 3a 66 69 78 65 64 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 36 70 78 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 64 6f 77 6e 6c 6f 61 64 5f 73 65 63 20 68 33 2c 23 64 6f 77 6e 6c 6f 61 64 20 68 33 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 30 70 78 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6f 6e 74 2d 73
                                                                                                                                                                                                                          Data Ascii: sec,#download{background-image:url(img/bg3.jpg);background-position:0 0;background-repeat:no-repeat;background-attachment:fixed;text-align:center;font-size:24px;line-height:36px;color:#fff}.download_sec h3,#download h3{margin-bottom:20px;color:#fff;font-s
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 73 74 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 77 69 64 74 68 3a 34 32 30 70 78 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 63 6f 6c 6f 72 3a 23 34 39 34 39 34 39 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 2c 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 3a 66 6f 63 75 73 2c 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 3a 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 70 61 64 64 69 6e 67 3a 30 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 69 6e 2d 77 69 64 74 68 3a 32 36 38 70 78 7d 2e 73 6f 73 63 69 61 6c 2d 6c 6f 67 20 69 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 64 69
                                                                                                                                                                                                                          Data Ascii: ster{background:#fff;border-radius:4px;overflow:hidden;width:420px;height:auto;margin:0 auto;color:#494949;padding:0}.soscial-log,.soscial-log:focus,.soscial-log:active{color:#fff;padding:0;display:inline-block;min-width:268px}.soscial-log i{float:left;di
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 7d 2e 6c 6f 67 69 6e 2d 72 65 67 69 73 74 65 72 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 6f 70 61
                                                                                                                                                                                                                          Data Ascii: ase-in-out .15s,-webkit-box-shadow ease-in-out .15s;-o-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}.login-register .form-control::-moz-placeholder{color:#777;opa
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 3b 6d 61 72 67 69 6e 3a 30 20 30 20 32 30 70 78 7d 61 73 69 64 65 20 2e 77 69 64 67 65 74 20 2e 68 65 61 64 20 73 70 61 6e 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 36 30 70 78 3b 68 65 69 67 68 74 3a 31 70 78 3b 6c 65 66 74 3a 30 3b 62 6f 74 74 6f 6d 3a 2d 31 70 78 7d 2e 72 65 63 65 6e 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 72 65 63 65 6e 74 20 6c 69 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d
                                                                                                                                                                                                                          Data Ascii: ;margin:0 0 20px}aside .widget .head span{position:absolute;display:block;width:60px;height:1px;left:0;bottom:-1px}.recent{float:left;width:100%;margin:0;padding:0}.recent li{float:left;width:100%;list-style:none;margin:10px 0 20px;padding:0;border-bottom


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          16192.168.2.449760104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC694OUTGET /wp-content/themes/meminz/css/custom.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC834INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 7857
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=10657
                                                                                                                                                                                                                          ETag: "103a2b-29a1-528f51cfd1580-gzip"
                                                                                                                                                                                                                          Last-Modified: Sun, 10 Jan 2016 06:41:42 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2857
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5%2FdHcfSnpPY2BnX7JG9VlNitRjY4Bt%2BvNcKPE89kZnsb8nschwMDjpBYUxAmIe21MXZBCM0zzbZQB%2F%2BwzvcF2gY94U0lIvDoe9X6JQkLKlSzKInhBrJnE6u70Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21a2d2181af-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC535INData Raw: 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 38 33 70 78 29 7b 2e 61 64 6d 69 6e 2d 62 61 72 20 2e 6e 61 76 62 61 72 2d 66 69 78 65 64 2d 74 6f 70 7b 74 6f 70 3a 33 32 70 78 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 38 32 70 78 29 7b 2e 61 64 6d 69 6e 2d 62 61 72 20 2e 6e 61 76 62 61 72 2d 66 69 78 65 64 2d 74 6f 70 7b 74 6f 70 3a 34 36 70 78 7d 7d 2e 63 74 68 2d 73 69 6e 67 6c 65 20 69 6d 67 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 7d 2e 63 74 68 2d 70 61 67 65 63 6f 6e 74 65 6e 74 20 69 6d 67 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67
                                                                                                                                                                                                                          Data Ascii: @media screen and (min-width:783px){.admin-bar .navbar-fixed-top{top:32px}}@media screen and (min-width:600px) and (max-width:782px){.admin-bar .navbar-fixed-top{top:46px}}.cth-single img{max-width:100%;height:auto}.cth-pagecontent img{max-width:100%;heig
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 65 32 65 32 65 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 7b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 3a 68 6f 76 65 72 2c 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 3e 6c 69 3e 61 3a 66 6f 63 75 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 6d 65 6d 69 6e 7a 5f 6d 61 69 6e 2d 6e 61 76 20 75 6c 2e 64 72 6f 70 64 6f 77 6e
                                                                                                                                                                                                                          Data Ascii: ul.dropdown-menu>li{background-color:#2e2e2e;padding:0}.meminz_main-nav ul.dropdown-menu>li>a{padding:15px}.meminz_main-nav ul.dropdown-menu>li>a:hover,.meminz_main-nav ul.dropdown-menu>li>a:focus{background-color:transparent}.meminz_main-nav ul.dropdown
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 78 2d 73 68 61 64 6f 77 3a 30 20 33 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 35 29 7d 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 62 6f 64 79 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 70 61 64 64 69 6e 67 3a 30 7d 40 6d 65 64 69 61 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 64 69 61 6c 6f 67 7b 77 69 64 74 68 3a 34 32 30 70 78 3b 6d 61 72 67 69 6e 3a 35 30 70 78 20 61 75 74 6f 7d 23 6c 6f 67 69 6e 41 6a 61 78 4d 6f 64 61 6c 20 2e 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 35 70 78 20 31 35 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 35 29 3b 62 6f 78 2d 73 68
                                                                                                                                                                                                                          Data Ascii: x-shadow:0 3px 9px rgba(0,0,0,.5)}#loginAjaxModal .modal-body{position:relative;padding:0}@media(min-width:768px){#loginAjaxModal .modal-dialog{width:420px;margin:50px auto}#loginAjaxModal .modal-content{-webkit-box-shadow:0 5px 15px rgba(0,0,0,.5);box-sh
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 3e 75 6c 20 6c 69 20 61 3a 62 65 66 6f 72 65 2c 2e 77 69 64 67 65 74 5f 63 61 74 65 67 6f 72 69 65 73 3e 75 6c 20 6c 69 20 61 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 70 65 2d 69 63 6f 6e 2d 37 2d 73 74 72 6f 6b 65 3b 73 70 65 61 6b 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 66 6f 6e 74 2d 76 61 72 69 61 6e 74 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69
                                                                                                                                                                                                                          Data Ascii: >ul li a:before,.widget_categories>ul li a:before{display:inline-block;font-family:pe-icon-7-stroke;speak:none;font-style:normal;font-weight:400;font-variant:normal;text-transform:none;line-height:1;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothi
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 74 65 6e 74 20 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 77 70 74 5f 77 69 64 67 65 74 5f 63 6f 6e 74 65 6e 74 20 2e 74 61 62 2d 63 6f 6e 74 65 6e 74 20 6c 69 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 74 61 67 63 6c 6f 75 64 3e 61 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 63 6f 6c 6f 72 3a 23 36 32 36 32 36 32 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 3b 6d 61 72 67 69 6e 3a 35 70 78 20 31 30 70 78 20 35 70 78 20 30 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 3b 62 6f 72
                                                                                                                                                                                                                          Data Ascii: tent ul{padding-left:0!important}.wpt_widget_content .tab-content li{padding-left:0!important}.tagcloud>a{margin:0;padding:0;list-style:none;margin:0;padding:0;color:#626262;float:left;padding:0;border-radius:2px;margin:5px 10px 5px 0;border:1px solid;bor
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 73 61 62 6c 65 64 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 5b 64 69 73 61 62 6c 65 64 5d 2c 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 63 75 72 73 6f 72 3a 6e 6f 74 2d 61 6c 6c 6f 77 65 64 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 36 35 29 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 6f 70 61 63 69 74 79 3a 2e 36 35 7d 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 68 6f 76 65 72 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 23 6d 65 6d 69 6e 7a 5f 73 75 62 6d 69 74 3a 61
                                                                                                                                                                                                                          Data Ascii: sabled,#meminz_submit[disabled],fieldset[disabled] #meminz_submit{pointer-events:none;cursor:not-allowed;filter:alpha(opacity=65);-webkit-box-shadow:none;box-shadow:none;opacity:.65}#meminz_submit,#meminz_submit:hover,#meminz_submit:focus,#meminz_submit:a
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC477INData Raw: 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 40 6d 65 64 69 61 28 6d 69 6e 2d 77 69 64 74 68 3a 39 39 32 70 78 29 7b 2e 66 6c 65 78 2d 6e 6f 6e 61 76 20 2e 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 2d 6e 61 76 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 66 6c 65 78 2d 6e 6f 6e 61 76 3a 68 6f 76 65 72 20 2e 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 2d 6e 61 76 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 2e 68 6f 6d 65 2d 77 72 61 70 70 65 72 20 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 77 70 63 66 37 2d 63 61 70 74 63 68 61 72 7b 63 6f 6c 6f 72 3a 23 34 34 34 7d 2e 66 6c 65 78 73 6c 69 64 65 72 20 2e 73 6c 69 64 65 73 20 69 6d 67 2c 2e 69 6d 61
                                                                                                                                                                                                                          Data Ascii: or:transparent}@media(min-width:992px){.flex-nonav .flex-direction-nav{display:none}.flex-nonav:hover .flex-direction-nav{display:block}}.home-wrapper .edd_download_purchase_form{display:inline-block}.wpcf7-captchar{color:#444}.flexslider .slides img,.ima


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          17192.168.2.449761104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC702OUTGET /wp-content/themes/meminz/skins/default/skin.css?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC835INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 3661
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=4102
                                                                                                                                                                                                                          ETag: "104857-1006-5b7f470ca1ff8-gzip"
                                                                                                                                                                                                                          Last-Modified: Sun, 03 Jan 2021 00:56:15 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6485
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzbx3me%2F0xr4NDAzXsy2fdX5hzqzTEVyq9uD4%2FR7QycMCs3u7%2BQYZ5Sr3dOUc2Isdyz7Jd9Byom%2BpQNfE9Vz6zH%2Bo39kLebmweksbvyfxPeU2VXlqbxJRw5T2H8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21a3b9d5a8e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC534INData Raw: 61 2c 61 3a 66 6f 63 75 73 2c 61 3a 68 6f 76 65 72 2c 61 3a 61 63 74 69 76 65 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e
                                                                                                                                                                                                                          Data Ascii: a,a:focus,a:hover,a:active,.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .n
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6e 5f 68 65 61 64 65 72 20 61 3a 68 6f 76 65 72 20 69 2c 2e 63 6f 75 6e 74 65 72 2d 6e 75 6d 62 65 72 2c 2e 70 72 69 63 69 6e 67 2d 68 65 61 64 2e 70 6f 70 75 6c 61 72 20 2e 70 72 69 63 69 6e 67 2d 70 72 69 63 65 2c 2e 76 61 6c 69 64 61 74 69 6f 6e 2c 2e 77 69 64 67 65 74 5f 6e 61 76 5f 6d 65 6e 75 3e 64 69 76 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 73 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 63 6f 6d 6d 65 6e 74 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 6d 65 74 61 3e 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f
                                                                                                                                                                                                                          Data Ascii: n_header a:hover i,.counter-number,.pricing-head.popular .pricing-price,.validation,.widget_nav_menu>div>ul li a:hover,.widget_rss>ul li a:hover,.widget_recent_comments>ul li a:hover,.widget_recent_entries>ul li a:hover,.widget_meta>ul li a:hover,.widget_
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6c 2d 63 6f 6e 74 72 6f 6c 73 20 2e 6f 77 6c 2d 62 75 74 74 6f 6e 73 20 64 69 76 2e 6f 77 6c 2d 6e 65 78 74 3a 68 6f 76 65 72 2c 23 74 6f 54 6f 70 48 6f 76 65 72 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 66 6f 63 75 73 2c 2e 6c 6f 67 2d 74 61 62 73 20 6c 69 20 61 3a 61 63 74 69 76 65 2c 2e 74 61 67 63 6c 6f 75 64 20 61 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 35 35 65 32 35 7d 2e 74 61 67 63 6c 6f 75 64 3e 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23
                                                                                                                                                                                                                          Data Ascii: l-controls .owl-buttons div.owl-next:hover,#toTopHover,.log-tabs li a,.log-tabs li a:hover,.log-tabs li a:focus,.log-tabs li a:active,.tagcloud a:hover{background-color:#f55e25}.tagcloud>a:hover{text-decoration:none;color:#fff!important;background-color:#
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC389INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                          Data Ascii: default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:hover,.navbar-default .navbar-nav .dropdown.active a:hover,


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          18192.168.2.449762104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC687OUTGET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC765INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: W/"10042c-7171c-615e2e3b5a03e-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLa8OAEpN5LYJ%2BDWGG00auCxlIs17v3VetE7lphePFewT5O85ene6NggQ9FUvmFYEhBFgHirGAn4MxZcW9yGWJm94aKSDxJpa0FDLyKo2yu4x5Q2YUKTpWBp%2Bi0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21a4aaf0818-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC604INData Raw: 37 63 62 36 0d 0a 2f 2a 21 0a 20 2a 20 57 50 42 61 6b 65 72 79 20 50 61 67 65 20 42 75 69 6c 64 65 72 20 76 36 2e 30 2e 30 20 28 68 74 74 70 73 3a 2f 2f 77 70 62 61 6b 65 72 79 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 34 20 4d 69 63 68 61 65 6c 20 4d 2c 20 57 50 42 61 6b 65 72 79 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 43 6f 6d 6d 65 72 63 69 61 6c 2e 20 4d 6f 72 65 20 64 65 74 61 69 6c 73 3a 20 68 74 74 70 3a 2f 2f 67 6f 2e 77 70 62 61 6b 65 72 79 2e 63 6f 6d 2f 6c 69 63 65 6e 73 69 6e 67 0a 20 2a 2f 0a 0a 2e 76 63 5f 72 6f 77 3a 61 66 74 65 72 2c 2e 76 63 5f 72 6f 77 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 20 22 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 7d 2e 76 63 5f 72 6f 77 3a 61 66 74 65 72 7b 63 6c
                                                                                                                                                                                                                          Data Ascii: 7cb6/*! * WPBakery Page Builder v6.0.0 (https://wpbakery.com) * Copyright 2011-2024 Michael M, WPBakery * License: Commercial. More details: http://go.wpbakery.com/licensing */.vc_row:after,.vc_row:before{content:" ";display:table}.vc_row:after{cl
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 33 33 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 32 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 36 36 37 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65
                                                                                                                                                                                                                          Data Ascii: sition:relative;float:left;width:8.33333333%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-2{position:relative;float:left;width:16.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 31 31 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 32 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20
                                                                                                                                                                                                                          Data Ascii: 11{position:relative;float:left;width:91.66666667%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-12{position:relative;float:left;width:100%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 34 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 33 5c 2f 35 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 77 69 64 74 68 3a 36 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 2e 76 63 5f 6e 6f 6e 5f 72 65 73 70 6f 6e 73 69 76 65 20 2e 76 63 5f 72 6f 77 20 2e 76 63
                                                                                                                                                                                                                          Data Ascii: position:relative;float:left;width:40%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc_col-sm-3\/5{position:relative;float:left;width:60%;min-height:1px;padding-left:15px;padding-right:15px}.vc_non_responsive .vc_row .vc
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 63 6f 6c 2d 73 6d 2d 34 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 35 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 36 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 37 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 38 2c 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 39 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 30 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 31 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 32 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 32 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 33 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 34 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 35 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 36 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 37 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 38 2c 2e 76 63 5f 63 6f 6c 2d 78 73 2d 39 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6d 69 6e 2d
                                                                                                                                                                                                                          Data Ascii: col-sm-4,.vc_col-sm-5,.vc_col-sm-6,.vc_col-sm-7,.vc_col-sm-8,.vc_col-sm-9,.vc_col-xs-1,.vc_col-xs-10,.vc_col-xs-11,.vc_col-xs-12,.vc_col-xs-2,.vc_col-xs-3,.vc_col-xs-4,.vc_col-xs-5,.vc_col-xs-6,.vc_col-xs-7,.vc_col-xs-8,.vc_col-xs-9{position:relative;min-
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2d 78 73 2d 32 7b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 31 7b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 32 7b 72 69 67 68 74 3a 31 30 30 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 31 7b 72 69 67 68 74 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 31 30 7b 72 69 67 68 74 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 39 7b 72 69 67 68 74 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 38 7b 72 69 67 68 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 70 75 6c 6c 2d 37 7b 72 69 67 68 74 3a 35 38 2e 33
                                                                                                                                                                                                                          Data Ascii: -xs-2{width:16.66666667%}.vc_col-xs-1{width:8.33333333%}.vc_col-xs-pull-12{right:100%}.vc_col-xs-pull-11{right:91.66666667%}.vc_col-xs-pull-10{right:83.33333333%}.vc_col-xs-pull-9{right:75%}.vc_col-xs-pull-8{right:66.66666667%}.vc_col-xs-pull-7{right:58.3
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 65 66 74 3a 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 6f 66 66 73 65 74 2d 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 78 73 2d 6f 66 66 73 65 74 2d 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 31 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 32 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 33 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 34 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6c 67 2d 35 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 31 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 32 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 33 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 34 5c 2f 35 2c 2e 76 63 5f 63 6f 6c 2d 6d 64 2d 35 5c 2f 35 2c
                                                                                                                                                                                                                          Data Ascii: eft:16.66666667%}.vc_col-xs-offset-1{margin-left:8.33333333%}.vc_col-xs-offset-0{margin-left:0}.vc_col-lg-1\/5,.vc_col-lg-2\/5,.vc_col-lg-3\/5,.vc_col-lg-4\/5,.vc_col-lg-5\/5,.vc_col-md-1\/5,.vc_col-md-2\/5,.vc_col-md-3\/5,.vc_col-md-4\/5,.vc_col-md-5\/5,
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 5f 63 6f 6c 2d 78 73 2d 31 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 32 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 33 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 34 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 63 6f 6c 2d 78 73 2d 35 5c 2f 35 2c 5b 64 69 72 3d 72 74 6c 5d 20 2e 76 63 5f 72 74 6c 2d 63 6f 6c 75 6d 6e 73 2d 72 65 76 65 72 73 65 20 2e 76 63 5f 6e 6f 6e 5f
                                                                                                                                                                                                                          Data Ascii: _col-xs-1\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-2\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-3\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-4\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_col-xs-5\/5,[dir=rtl] .vc_rtl-columns-reverse .vc_non_
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2d 39 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 32 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 31 7b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 31 30 7b 77 69 64 74 68 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 39 7b 77 69 64 74 68 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 38 7b 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 37 7b 77 69 64 74 68 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 36 7b 77 69 64 74 68 3a 35 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 35 7b 77 69 64 74 68 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c
                                                                                                                                                                                                                          Data Ascii: -9{float:right}.vc_col-sm-12{width:100%}.vc_col-sm-11{width:91.66666667%}.vc_col-sm-10{width:83.33333333%}.vc_col-sm-9{width:75%}.vc_col-sm-8{width:66.66666667%}.vc_col-sm-7{width:58.33333333%}.vc_col-sm-6{width:50%}.vc_col-sm-5{width:41.66666667%}.vc_col
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 38 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 37 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 36 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 30 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 35 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 76 63 5f 63 6f 6c 2d 73 6d 2d 6f 66 66 73 65 74 2d 34 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 76 63 5f 63 6f 6c 2d 73
                                                                                                                                                                                                                          Data Ascii: l-sm-offset-9{margin-left:75%}.vc_col-sm-offset-8{margin-left:66.66666667%}.vc_col-sm-offset-7{margin-left:58.33333333%}.vc_col-sm-offset-6{margin-left:50%}.vc_col-sm-offset-5{margin-left:41.66666667%}.vc_col-sm-offset-4{margin-left:33.33333333%}.vc_col-s


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          19192.168.2.449763104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC688OUTGET /wp-content/plugins/tml-social/assets/styles/tml-social.min.css?ver=1.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC767INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Sun, 13 Dec 2020 20:33:11 GMT
                                                                                                                                                                                                                          ETag: W/"338a8c-93d-5b65e6f23c1a9-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycl9bN6u4NOt6XfgqQCooaB5wCq0QJAzJf4omC%2Fe8lxdsNTUQFuZPNas%2B7RzTc1izWue3%2ByMeQ0MoNlRW0THkMD07DQG9vImfQej2oXH%2B9P3U4S7a1aRMH40Qws%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21a5afb20b2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC602INData Raw: 39 33 64 0d 0a 2e 74 6d 6c 2d 6c 6f 67 69 6e 2c 2e 74 6d 6c 2d 72 65 67 69 73 74 65 72 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 7b 6d 61 78 2d 77 69 64 74 68 3a 33 32 30 70 78 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 7b 6d 61 72 67 69 6e 3a 32 65 6d 20 30 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 64 69 76 69 64 65 72 20 73 70 61 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 75 6c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 7d 75 6c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 6c 69 7b 6d 61 72 67 69
                                                                                                                                                                                                                          Data Ascii: 93d.tml-login,.tml-register,.tml-social-divider,.tml-social-providers{max-width:320px}.tml-social-divider{margin:2em 0}.tml-social-divider span{display:none}ul.tml-social-providers{list-style:none;margin:0 auto;padding:0}ul.tml-social-providers li{margi
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 2e 35 65 6d 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 20 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 2d 74 65 78 74 7b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 2d 63 65 6c 6c 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 35 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 61 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 3a 6c 69 6e 6b 2c 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 20 61 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 3a 76 69 73 69 74 65 64 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 62
                                                                                                                                                                                                                          Data Ascii: play:inline-block;width:1.5em}.tml-social-provider .tml-social-provider-text{display:table-cell;padding-left:1em;line-height:2.5}.tml-social-providers a.tml-social-provider:link,.tml-social-providers a.tml-social-provider:visited{-webkit-box-shadow:none;b
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC401INData Raw: 65 72 73 2d 64 69 76 69 64 65 72 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 2d 64 69 76 69 64 65 72 3a 62 65 66 6f 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 62 62 62 3b 63 6f 6e 74 65 6e 74 3a 27 27 3b 68 65 69 67 68 74 3a 31 70 78 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 30 3b 74 6f 70 3a 31 65 6d 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 74 6d 6c 2d 73 6f 63 69 61 6c 2d 70 72 6f 76 69 64 65 72 73 2d 64 69 76 69 64 65 72 20 73 70 61 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20
                                                                                                                                                                                                                          Data Ascii: ers-divider{margin-bottom:1em;position:relative;text-align:center}.tml-social-providers-divider:before{background:#bbb;content:'';height:1px;left:0;position:absolute;right:0;top:1em;width:100%}.tml-social-providers-divider span{background:#fff;border:1px
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          20192.168.2.449764142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1261OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=6799 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          21192.168.2.449767104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC671OUTGET /wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC763INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 21:49:20 GMT
                                                                                                                                                                                                                          ETag: W/"100191-1a512-615c502d5f969-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ccdKoIKnpEkSz7AcbSDoEPEV2IqDbNSslliXl7mUOoWo3cs0dYSDolp3M1h5aedGaMV42qOw%2BtjtCfpzkeKXUA8GJUYHQ9jm4qQ8rXAfYNQgSDxSPxHvUZfNxI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21bbb442412-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC606INData Raw: 37 63 62 38 0d 0a 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 77 69 70 65 72 2d 69 63 6f 6e 73 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 73 72 63 3a 75 72 6c 28 22 64 61 74 61 3a 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 6f 6e 74 2d 77 6f 66 66 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3b 62 61 73 65 36 34 2c 20 64 30 39 47 52 67 41 42 41 41 41 41 41 41 5a 67 41 42 41 41 41 41 41 41 44 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 42 47 52 6c 52 4e 41 41 41 47 52 41 41 41 41 42 6f 41 41 41 41 63 69 36 71 48 6b 55 64 45 52 55 59 41 41 41 57 67 41 41 41 41 49 77 41 41
                                                                                                                                                                                                                          Data Ascii: 7cb8@charset "UTF-8";@font-face{font-family:swiper-icons;font-style:normal;font-weight:400;src:url("data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAA
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 64 42 77 6c 77 62 33 4e 30 41 41 41 46 4e 41 41 41 41 47 49 41 41 41 43 45 35 73 37 34 68 58 6a 61 59 32 42 6b 59 47 41 41 59 70 66 35 48 75 2f 6a 2b 57 32 2b 4d 6e 41 7a 4d 59 44 41 7a 61 58 36 51 6a 44 36 2f 34 2f 2f 42 78 6a 35 47 41 38 41 75 52 77 4d 59 47 6b 41 50 79 77 4c 31 33 6a 61 59 32 42 6b 59 47 41 38 38 50 38 41 67 78 34 6a 2b 2f 38 66 51 44 59 66 41 31 41 45 42 57 67 44 41 49 42 32 42 4f 6f 41 65 4e 70 6a 59 47 52 67 59 4e 42 68 34 47 64 67 59 67 41 42 45 4d 6e 49 41 42 4a 7a 59 4e 41 44 43 51 41 41 43 57 67 41 73 51 42 34 32 6d 4e 67 59 66 7a 43 4f 49 47 42 6c 59 47 42 30 59 63 78 6a 59 47 42 77 52 31 4b 66 32 57 51 5a 47 68 68 59 47 42 69 59 47 56 6d 67 41 46 47 42 69 51 51 6b 4f 61 61 77 74 44 41 6f 4d 42 51 78 58 6a 67 2f 77 45 47 50 63
                                                                                                                                                                                                                          Data Ascii: dBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCOIGBlYGB0YcxjYGBwR1Kf2WQZGhhYGBiYGVmgAFGBiQQkOaawtDAoMBQxXjg/wEGPc
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 33 69 2f 42 50 38 33 76 49 42 4c 4c 79 53 73 6f 4b 69 6d 72 71 4b 71 70 61 32 68 70 36 2b 6a 71 36 52 73 59 47 68 6d 62 6d 4a 71 5a 53 79 30 73 72 61 78 74 62 4f 33 73 48 52 79 64 6e 45 4d 55 34 75 52 36 79 78 37 4a 4a 58 76 65 50 37 57 72 44 79 63 41 41 41 41 41 41 41 48 2f 2f 77 41 43 65 4e 70 6a 59 47 52 67 59 4f 41 42 59 68 6b 67 5a 67 4a 43 5a 67 5a 4e 42 6b 59 47 4c 51 5a 74 49 4a 73 46 4c 4d 59 41 41 41 77 33 41 4c 67 41 65 4e 6f 6c 69 7a 45 4b 67 44 41 51 42 43 63 68 52 62 43 32 73 46 45 52 30 59 44 36 71 56 51 69 42 43 76 2f 48 39 65 7a 47 49 36 5a 35 58 42 41 77 38 43 42 4b 2f 6d 35 69 51 51 56 61 75 56 62 58 4c 6e 4f 72 4d 5a 76 32 6f 4c 64 4b 46 61 38 50 6a 75 72 75 32 68 4a 7a 47 61 62 6d 4f 53 4c 7a 4e 4d 7a 76 75 74 70 42 33 4e 34 32 6d 4e
                                                                                                                                                                                                                          Data Ascii: 3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5XBAw8CBK/m5iQQVauVbXLnOrMZv2oLdKFa8Pjuru2hJzGabmOSLzNMzvutpB3N42mN
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 63 74 69 6f 6e 3a 70 61 6e 2d 78 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 69 6e 76 69 73 69 62 6c 65 2d 62 6c 61 6e 6b 7b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 61 75 74 6f 68 65 69 67 68 74 2c 2e 6a 70 2d
                                                                                                                                                                                                                          Data Ascii: ction:pan-x}.jp-carousel-overlay .swiper-slide{flex-shrink:0;height:100%;position:relative;transition-property:transform;width:100%}.jp-carousel-overlay .swiper-slide-invisible-blank{visibility:hidden}.jp-carousel-overlay .swiper-container-autoheight,.jp-
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 33 64 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 6c 65 66 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 32 37 30 64 65 67 2c 23 30 30 30 30 30 30 38 30 2c 23 30 30 30 30 29 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 33 64 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 39 30 64 65 67 2c 23 30 30 30 30 30 30 38 30 2c 23 30 30 30 30 29 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73
                                                                                                                                                                                                                          Data Ascii: ay .swiper-container-3d .swiper-slide-shadow-left{background-image:linear-gradient(270deg,#00000080,#0000)}.jp-carousel-overlay .swiper-container-3d .swiper-slide-shadow-right{background-image:linear-gradient(90deg,#00000080,#0000)}.jp-carousel-overlay .s
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 72 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 73 69 7a 65 29 2f 32 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 35 30 25 3b 77 69 64 74 68 3a 63 61 6c 63 28 76 61 72 28 2d 2d 73 77 69 70 65 72 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 73 69 7a 65 29 2f 34 34 2a 32 37 29 3b 7a 2d 69 6e 64 65 78 3a 31 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 6e 65 78 74 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 64 69 73 61 62 6c 65 64 2c 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 70 72 65 76 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 64 69 73 61 62 6c 65 64 7b 63 75 72 73 6f 72 3a 61 75 74 6f 3b 6f 70 61 63 69 74 79 3a
                                                                                                                                                                                                                          Data Ascii: r-navigation-size)/2);position:absolute;top:50%;width:calc(var(--swiper-navigation-size)/44*27);z-index:10}.jp-carousel-overlay .swiper-button-next.swiper-button-disabled,.jp-carousel-overlay .swiper-button-prev.swiper-button-disabled{cursor:auto;opacity:
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 62 75 74 74 6f 6e 2d 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 6f 70 61 63 69 74 79 20 2e 33 73 3b 7a 2d 69 6e 64 65 78 3a 31 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 68 69 64 64 65 6e 7b 6f 70 61 63 69 74 79 3a 30 7d 2e 6a 70 2d
                                                                                                                                                                                                                          Data Ascii: -overlay .swiper-button-lock{display:none}.jp-carousel-overlay .swiper-pagination{position:absolute;text-align:center;transform:translateZ(0);transition:opacity .3s;z-index:10}.jp-carousel-overlay .swiper-pagination.swiper-pagination-hidden{opacity:0}.jp-
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6e 2d 62 75 6c 6c 65 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 38 70 78 3b 6f 70 61 63 69 74 79 3a 2e 32 3b 77 69 64 74 68 3a 38 70 78 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 62 75 74 74 6f 6e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61
                                                                                                                                                                                                                          Data Ascii: n-bullet{background:#000;border-radius:50%;display:inline-block;height:8px;opacity:.2;width:8px}.jp-carousel-overlay button.swiper-pagination-bullet{-webkit-appearance:none;appearance:none;border:none;box-shadow:none;margin:0;padding:0}.jp-carousel-overla
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6e 74 61 69 6e 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 73 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 73 2d 64 79 6e 61 6d 69 63 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 72 61 6e 73 66 6f 72 6d 20 2e 32 73 2c 6c 65 66 74 20 2e 32 73 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2e 73 77 69 70 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2d 72 74 6c 3e 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 62 75 6c 6c 65 74 73 2d 64 79 6e 61 6d 69 63 20 2e 73 77 69 70 65 72 2d 70
                                                                                                                                                                                                                          Data Ascii: ntainer-horizontal>.swiper-pagination-bullets.swiper-pagination-bullets-dynamic .swiper-pagination-bullet{transition:transform .2s,left .2s}.jp-carousel-overlay .swiper-container-horizontal.swiper-container-rtl>.swiper-pagination-bullets-dynamic .swiper-p
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 61 74 69 6f 6e 2d 62 6c 61 63 6b 7b 2d 2d 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 70 61 67 69 6e 61 74 69 6f 6e 2d 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f 76 65 72 6c 61 79 20 2e 73 77 69 70 65 72 2d 7a 6f 6f 6d 2d 63 6f 6e 74 61 69 6e 65 72 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6a 70 2d 63 61 72 6f 75 73 65 6c 2d 6f
                                                                                                                                                                                                                          Data Ascii: ation-black{--swiper-pagination-color:#000}.jp-carousel-overlay .swiper-pagination-lock{display:none}.jp-carousel-overlay .swiper-zoom-container{align-items:center;display:flex;height:100%;justify-content:center;text-align:center;width:100%}.jp-carousel-o


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          22192.168.2.449765142.251.111.1544434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC776OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&cid=22835578.1714912397&gtm=45je4510v890333677za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0 HTTP/1.1
                                                                                                                                                                                                                          Host: stats.g.doubleclick.net
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          23192.168.2.449768104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC640OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:19 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APmdvgD07swWcN2JzQTo%2BlU9EFwfEaakeHzcIrjx7ML9W1%2FcPPCN3KvOlXqvRQ%2FDPuv2QWV9ArSS1CEpqebzdKVKUX%2BV8656G5LVds5G%2BcBTlSylIdrhpDjkxDM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21cdbd03964-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC543INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61
                                                                                                                                                                                                                          Data Ascii: bar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .a
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f
                                                                                                                                                                                                                          Data Ascii: #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:ho
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC590INData Raw: 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74
                                                                                                                                                                                                                          Data Ascii: ound-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-act
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          24192.168.2.449769104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC838OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1029INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKA9VPaENgtM5v1PTgAW4vl4BrxwWaUOZQRfqyGtusw6z7trNO1yYxGislQedQsjuFfrR4A4GJQtCXRxvEqAw94J84dPtQA5YYwJL4ni8fLXWCGibCeE5KzT6Ro%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21ce80381d0-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC340INData Raw: 37 62 61 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7baf<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e
                                                                                                                                                                                                                          Data Ascii: ntent="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" conten
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74
                                                                                                                                                                                                                          Data Ascii: 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? Monst
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d 65 74 65 72
                                                                                                                                                                                                                          Data Ascii: DualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {parameter
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09 7d 3b 0a 09
                                                                                                                                                                                                                          Data Ascii: elopers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();};
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 4f 62 6a 65
                                                                                                                                                                                                                          Data Ascii: ction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {Obje
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: ndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d 65 74
                                                                                                                                                                                                                          Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (paramet
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30
                                                                                                                                                                                                                          Data Ascii: tion u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          25192.168.2.449770104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC689OUTGET /wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.26.0 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC785INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Tue, 16 Apr 2024 14:58:19 GMT
                                                                                                                                                                                                                          ETag: W/"1030b9-2da9-61637f7f1d006-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2857
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCkRzQ8SjeUzV1EnAW6CUSSDEFMYh8djzdtru0x%2BhEYLBo3LW5HDMiWFo0tNKUkyBucSFv%2BP2NF23GHyOrRZ5WMz6j7yac4yXAFTXrFIos6sLbHob7vCOQ9wAGo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21cfa4f819a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC584INData Raw: 32 64 61 39 0d 0a 3b 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 5b 5d 2c 69 3d 27 27 2c 72 3d 21 31 3b 74 68 69 73 2e 73 65 74 4c 61 73 74 43 6c 69 63 6b 65 64 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 29 7b 74 3d 74 79 70 65 6f 66 20 74 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 74 3a 5b 5d 3b 6e 3d 74 79 70 65 6f 66 20 6e 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 6e 3a 5b 5d 3b 69 3d 74 79 70 65 6f 66 20 69 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 3f 69 3a 21 31 3b 65 2e 76 61 6c 75 65 73 41 72 72 61 79 3d 74 3b 65 2e 66 69 65 6c 64 73 41 72 72 61 79 3d 6e 7d 3b 74 68 69 73 2e 67 65 74 4c 61 73 74 43 6c 69 63 6b 65 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65
                                                                                                                                                                                                                          Data Ascii: 2da9;var MonsterInsights=function(){var e=[],i='',r=!1;this.setLastClicked=function(t,n,i){t=typeof t!=='undefined'?t:[];n=typeof n!=='undefined'?n:[];i=typeof i!=='undefined'?i:!1;e.valuesArray=t;e.fieldsArray=n};this.getLastClicked=function(){return e
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 3d 2d 31 29 7b 63 6f 6e 74 69 6e 75 65 7d 3b 69 66 28 6e 26 26 6e 2e 69 6e 64 65 78 4f 66 28 69 29 3e 2d 31 29 7b 63 6f 6e 74 69 6e 75 65 7d 3b 6c 5b 69 5d 3d 65 5b 69 5d 7d 3b 72 65 74 75 72 6e 20 6c 7d 3b 66 75 6e 63 74 69 6f 6e 20 62 28 65 2c 74 2c 6e 29 7b 69 66 28 21 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 7c 7c 65 21 3d 3d 27 65 76 65 6e 74 27 29 7b 72 65 74 75 72 6e 7d 3b 76 61 72 20 69 3d 6e 2e 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 7c 7c 27 27 2c 61 3d 5b 27 65 76 65 6e 74 5f 6e 61 6d 65 27 2c 27 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 27 2c 27 65 76 65 6e 74 5f 6c 61 62 65 6c 27 2c 27 76 61 6c 75 65 27 2c 5d 2c 6c 3d 70 28 6e 2c 6e 75 6c 6c 2c 61 29 3b 6c 2e 61 63 74 69 6f 6e 3d 74 3b 6c 2e
                                                                                                                                                                                                                          Data Ascii: =-1){continue};if(n&&n.indexOf(i)>-1){continue};l[i]=e[i]};return l};function b(e,t,n){if(!monsterinsights_frontend.v4_id||e!=='event'){return};var i=n.event_category||'',a=['event_name','event_category','event_label','value',],l=p(n,null,a);l.action=t;l.
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3d 74 2b 27 3d 27 2b 74 2b 27 3b 64 6f 6d 61 69 6e 3d 27 2b 65 2b 27 3b 27 7d 3b 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3d 74 2b 27 3d 3b 65 78 70 69 72 65 73 3d 54 68 75 2c 20 30 31 20 4a 61 6e 20 31 39 37 30 20 30 30 3a 30 30 3a 30 31 20 47 4d 54 3b 64 6f 6d 61 69 6e 3d 27 2b 65 2b 27 3b 27 3b 72 65 74 75 72 6e 20 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 75 28 65 29 7b 65 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 65 3d 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 28 65 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 3d 3d 2d 31 29 3f 65 2e 6c 65 6e 67 74 68 3a 65 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 29 3b 65 3d 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 28 65 2e 69 6e 64 65 78 4f 66 28 27 3f 27 29 3d 3d 2d 31 29 3f 65 2e 6c 65 6e
                                                                                                                                                                                                                          Data Ascii: ment.cookie=t+'='+t+';domain='+e+';'};document.cookie=t+'=;expires=Thu, 01 Jan 1970 00:00:01 GMT;domain='+e+';';return e};function u(e){e=e.toString();e=e.substring(0,(e.indexOf('#')==-1)?e.length:e.indexOf('#'));e=e.substring(0,(e.indexOf('?')==-1)?e.len
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 26 61 2e 6c 65 6e 67 74 68 3e 30 26 26 28 6f 28 61 29 3d 3d 27 6d 61 69 6c 74 6f 27 7c 7c 6f 28 61 29 3d 3d 27 6d 61 69 6c 74 6f 3a 27 29 29 7b 74 3d 27 6d 61 69 6c 74 6f 27 7d 0a 65 6c 73 65 20 69 66 28 72 26 26 6d 26 26 72 2e 6c 65 6e 67 74 68 3e 30 26 26 6d 2e 6c 65 6e 67 74 68 3e 30 26 26 21 72 2e 65 6e 64 73 57 69 74 68 28 27 2e 27 2b 6d 29 26 26 72 21 3d 3d 6d 29 7b 74 3d 27 65 78 74 65 72 6e 61 6c 27 7d 0a 65 6c 73 65 20 69 66 28 6b 26 26 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 6c 29 21 3d 27 7b 7d 27 26 26 6b 2e 6c 65 6e 67 74 68 3e 30 29 7b 76 61 72 20 79 3d 6c 2e 6c 65 6e 67 74 68 3b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 79 3b 6e 2b 2b 29 7b 69 66 28 6c 5b 6e 5d 2e 70 61 74 68 26 26 6c 5b 6e 5d 2e 6c 61 62 65 6c 26 26 6c 5b 6e 5d 2e 70
                                                                                                                                                                                                                          Data Ascii: &a.length>0&&(o(a)=='mailto'||o(a)=='mailto:')){t='mailto'}else if(r&&m&&r.length>0&&m.length>0&&!r.endsWith('.'+m)&&r!==m){t='external'}else if(k&&JSON.stringify(l)!='{}'&&k.length>0){var y=l.length;for(var n=0;n<y;n++){if(l[n].path&&l[n].label&&l[n].p
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 28 65 2e 61 6c 74 26 26 65 2e 61 6c 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 29 7b 72 65 74 75 72 6e 20 65 2e 61 6c 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 7d 0a 65 6c 73 65 20 69 66 28 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 26 26 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 29 7b 72 65 74 75 72 6e 20 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 2f 5c 6e 2f 69 67 2c 27 27 29 7d 0a 65 6c 73 65 20 69 66 28 65 2e 66 69 72 73 74 43 68 69 6c 64 26 26 65 2e 66 69 72 73 74 43 68 69 6c 64 2e 74 61 67 4e 61 6d 65 3d 3d 27 49 4d 47 27 29 7b 72 65 74 75 72 6e 20 65 2e 66 69 72 73 74 43 68 69 6c 64 2e 73 72 63 7d 0a 65 6c 73 65 7b 72 65 74 75 72 6e 20 75 6e
                                                                                                                                                                                                                          Data Ascii: (e.alt&&e.alt.replace(/\n/ig,'')){return e.alt.replace(/\n/ig,'')}else if(e.textContent&&e.textContent.replace(/\n/ig,'')){return e.textContent.replace(/\n/ig,'')}else if(e.firstChild&&e.firstChild.tagName=='IMG'){return e.firstChild.src}else{return un
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 61 64 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 61 27 29 3b 65 2e 68 72 65 66 3d 61 2e 68 72 65 66 3b 65 2e 64 6f 77 6e 6c 6f 61 64 3d 61 2e 64 6f 77 6e 6c 6f 61 64 3b 65 2e 63 6c 69 63 6b 28 29 7d 0a 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 76 7d 7d 2c 45 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 65 78 74 65 72 6e 61 6c 27 3b 74 28 65 29 7d 2c 43 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 69 6e 74 65 72 6e 61 6c 2d 61 73 2d 6f 75 74 62 6f 75 6e 64 27 3b 74 28 65 29 7d 2c 49 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 65 78 69 74 3d 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 3b 74 28 65 29 7d 3b 69 66 28 4b 7c 7c 6f 3d 3d 27 6d
                                                                                                                                                                                                                          Data Ascii: ad){var e=document.createElement('a');e.href=a.href;e.download=a.download;e.click()}else{window.location.href=v}},E=function(){e.exit='external';t(e)},C=function(){e.exit='internal-as-outbound';t(e)},I=function(){e.exit='cross-hostname';t(e)};if(K||o=='m
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 61 6d 65 2c 6c 69 6e 6b 5f 63 6c 61 73 73 65 73 3a 65 2e 65 6c 5f 63 6c 61 73 73 65 73 2c 6c 69 6e 6b 5f 69 64 3a 65 2e 65 6c 5f 69 64 2c 6f 75 74 62 6f 75 6e 64 3a 21 30 2c 7d 7d 0a 65 6c 73 65 20 69 66 28 6f 3d 3d 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 29 7b 6b 3d 7b 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 3a 27 63 72 6f 73 73 2d 68 6f 73 74 6e 61 6d 65 27 2c 65 76 65 6e 74 5f 6c 61 62 65 6c 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 74 65 78 74 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 75 72 6c 3a 76 2c 6c 69 6e 6b 5f 64 6f 6d 61 69 6e 3a 65 2e 65 6c 5f 68 6f 73 74 6e 61 6d 65 2c 6c 69 6e 6b 5f 63 6c 61 73 73 65 73 3a 65 2e 65 6c 5f 63 6c 61 73 73 65 73 2c 6c 69 6e 6b 5f 69 64 3a 65 2e 65 6c 5f 69 64 2c 7d 7d 3b 69 66 28 6b
                                                                                                                                                                                                                          Data Ascii: ame,link_classes:e.el_classes,link_id:e.el_id,outbound:!0,}}else if(o=='cross-hostname'){k={event_category:'cross-hostname',event_label:f||e.title,link_text:f||e.title,link_url:v,link_domain:e.el_hostname,link_classes:e.el_classes,link_id:e.el_id,}};if(k
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 73 70 6f 72 74 3d 27 62 65 61 63 6f 6e 27 7d 3b 6c 28 27 65 76 65 6e 74 27 2c 62 7c 7c 76 2c 6b 2c 65 29 3b 73 65 74 54 69 6d 65 6f 75 74 28 70 2c 31 30 30 30 29 7d 7d 0a 65 6c 73 65 20 69 66 28 6f 3d 3d 27 65 78 74 65 72 6e 61 6c 27 29 7b 72 3d 21 30 3b 77 69 6e 64 6f 77 2e 6f 6e 62 65 66 6f 72 65 75 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6b 3d 7b 65 76 65 6e 74 5f 63 61 74 65 67 6f 72 79 3a 27 6f 75 74 62 6f 75 6e 64 2d 6c 69 6e 6b 27 2c 65 76 65 6e 74 5f 6c 61 62 65 6c 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 65 76 65 6e 74 5f 63 61 6c 6c 62 61 63 6b 3a 70 2c 69 73 5f 61 66 66 69 6c 69 61 74 65 5f 6c 69 6e 6b 3a 21 31 2c 6c 69 6e 6b 5f 74 65 78 74 3a 66 7c 7c 65 2e 74 69 74 6c 65 2c 6c 69 6e 6b 5f 75 72 6c 3a 76 2c 6c 69 6e 6b 5f 64 6f 6d 61
                                                                                                                                                                                                                          Data Ascii: sport='beacon'};l('event',b||v,k,e);setTimeout(p,1000)}}else if(o=='external'){r=!0;window.onbeforeunload=function(t){k={event_category:'outbound-link',event_label:f||e.title,event_callback:p,is_affiliate_link:!1,link_text:f||e.title,link_url:v,link_doma
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 66 75 6e 63 74 69 6f 6e 20 6b 28 29 7b 69 66 28 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 68 61 73 68 5f 74 72 61 63 6b 69 6e 67 3d 3d 3d 27 74 72 75 65 27 26 26 66 21 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 26 26 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 29 7b 66 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 3b 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 27 63 6f 6e 66 69 67 27 2c 6d 6f 6e 73 74 65 72 69 6e 73 69 67 68 74 73 5f 66 72 6f 6e 74 65 6e 64 2e 76 34 5f 69 64 2c 7b 70 61 67 65 5f 70 61 74 68 3a 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 2b 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 2b 6c 6f 63 61 74 69 6f 6e 2e 68 61
                                                                                                                                                                                                                          Data Ascii: function k(){if(monsterinsights_frontend.hash_tracking==='true'&&f!=window.location.hash&&monsterinsights_frontend.v4_id){f=window.location.hash;__gtagTracker('config',monsterinsights_frontend.v4_id,{page_path:location.pathname+location.search+location.ha
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC161INData Raw: 6c 6f 6f 72 28 4d 61 74 68 2e 61 62 73 28 74 29 29 7d 7d 3b 66 6f 72 28 6e 3d 74 3e 3d 30 3f 4d 61 74 68 2e 6d 69 6e 28 74 2c 69 2d 31 29 3a 69 2d 4d 61 74 68 2e 61 62 73 28 74 29 3b 6e 3e 3d 30 3b 6e 2d 2d 29 7b 69 66 28 6e 20 69 6e 20 6c 26 26 6c 5b 6e 5d 3d 3d 3d 65 29 7b 72 65 74 75 72 6e 20 6e 7d 7d 3b 72 65 74 75 72 6e 2d 31 7d 7d 7d 2c 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4f 62 6a 65 63 74 3d 6e 65 77 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 28 29 3b 0d 0a
                                                                                                                                                                                                                          Data Ascii: loor(Math.abs(t))}};for(n=t>=0?Math.min(t,i-1):i-Math.abs(t);n>=0;n--){if(n in l&&l[n]===e){return n}};return-1}}},MonsterInsightsObject=new MonsterInsights();


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          26192.168.2.449771104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC649OUTGET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:18 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Tue, 07 Nov 2023 20:47:19 GMT
                                                                                                                                                                                                                          ETag: W/"47576-15601-60996139f53e3-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2857
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rakNdSiIHiMgLVeS9Ls1CaItwbVnyDDItKHqtPYJGHa55bMrJaUB%2BKl3u4OVNB3T8xVaGyhPTudwR0MWUjKJ81N7H%2FcVQpY6TVeioY1XplmBt8FujG3adc%2FyW5Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21d3c625764-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC582INData Raw: 37 63 61 30 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f
                                                                                                                                                                                                                          Data Ascii: 7ca0/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Erro
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2c 6f 3d 75 65 2e 74 6f 53 74 72 69 6e 67 2c 61 3d 6f 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 2c 6c 65 3d 7b 7d 2c 76 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 54 79 70 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 65 2e 69 74 65 6d 7d 2c 79 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 65 3d 3d 3d 65 2e 77 69 6e 64 6f 77 7d 2c 43 3d 69 65 2e 64 6f 63 75 6d 65 6e 74 2c 75 3d 7b 74 79 70 65 3a 21 30 2c 73 72 63 3a 21 30 2c 6e 6f 6e 63 65 3a 21 30 2c 6e 6f 4d 6f 64 75 6c 65 3a 21 30 7d 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 65 2c 74 2c 6e 29 7b 76 61 72
                                                                                                                                                                                                                          Data Ascii: ,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 63 65 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 74 2b 31 29 25 32 7d 29 29 7d 2c 6f 64 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 63 65 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 25 32 7d 29 29 7d 2c 65 71 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6e 3d 2b 65 2b 28 65 3c 30 3f 74 3a 30 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 30 3c 3d 6e 26 26 6e 3c 74 3f 5b 74 68 69 73 5b 6e 5d 5d 3a 5b 5d 29 7d 2c 65 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72
                                                                                                                                                                                                                          Data Ascii: this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){retur
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 28 65 29 7b 76 61 72 20 74 2c 6e 3d 22 22 2c 72 3d 30 2c 69 3d 65 2e 6e 6f 64 65 54 79 70 65 3b 69 66 28 21 69 29 77 68 69 6c 65 28 74 3d 65 5b 72 2b 2b 5d 29 6e 2b 3d 63 65 2e 74 65 78 74 28 74 29 3b 72 65 74 75 72 6e 20 31 3d 3d 3d 69 7c 7c 31 31 3d 3d 3d 69 3f 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3a 39 3d 3d 3d 69 3f 65 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3a 33 3d 3d 3d 69 7c 7c 34 3d 3d 3d 69 3f 65 2e 6e 6f 64 65 56 61 6c 75 65 3a 6e 7d 2c 6d 61 6b 65 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 7c 7c 5b 5d 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 28 63 28 4f 62 6a 65 63 74 28 65 29 29 3f 63 65 2e 6d 65 72 67 65 28 6e 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79
                                                                                                                                                                                                                          Data Ascii: (e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==ty
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 66 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 78 38 30 2d 5c 75 46 46 46 46 5c 77 2d 5d 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3f 22 5c 30 22 3d 3d 3d 65 3f 22 5c 75 66 66 66 64 22 3a 65 2e 73 6c 69 63 65 28 30 2c 2d 31 29 2b 22 5c 5c 22 2b 65 2e 63 68 61 72 43 6f 64 65 41 74 28 65 2e 6c 65 6e 67 74 68 2d 31 29 2e 74 6f 53 74 72 69 6e 67 28 31 36 29 2b 22 20 22 3a 22 5c 5c 22 2b 65 7d 63 65 2e 65 73 63 61 70 65 53 65 6c 65 63 74 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 28 65 2b 22 22 29 2e 72 65 70 6c 61 63 65 28 66 2c 70 29 7d 3b 76 61 72 20 79 65 3d 43 2c 6d 65 3d 73 3b 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 62 2c 77 2c 6f 2c
                                                                                                                                                                                                                          Data Ascii: f=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\x80-\uFFFF\w-]/g;function p(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e}ce.escapeSelector=function(e){return(e+"").replace(f,p)};var ye=C,me=s;!function(){var e,b,w,o,
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 29 28 3f 3a 5c 5c 28 22 2b 67 65 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 67 65 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 4e 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 71 3d 2f 5e 68 5c 64 24 2f 69 2c 4c 3d 2f 5e 28 3f 3a 23 28 5b 5c 77 2d 5d 2b 29 7c 28 5c 77 2b 29 7c 5c 2e 28 5b 5c 77 2d 5d 2b 29 29 24 2f 2c 48 3d 2f 5b 2b 7e 5d 2f 2c 4f 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 67 65 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73 6c 69
                                                                                                                                                                                                                          Data Ascii: )(?:\\("+ge+"*((?:-\\d)?\\d*)"+ge+"*\\)|)(?=[^-]|$)","i")},N=/^(?:input|select|textarea|button)$/i,q=/^h\d$/i,L=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,H=/[+~]/,O=new RegExp("\\\\[\\da-fA-F]{1,6}"+ge+"?|\\\\([^\\r\\n\\f])","g"),P=function(e,t){var n="0x"+e.sli
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 28 6c 3d 59 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 51 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28 65 29 7b 68 28 74 2c 21 30 29 7d 66 69 6e 61 6c 6c 79 7b 73 3d 3d 3d 53 26 26 65 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 7d 7d 7d 72 65 74 75 72 6e 20 72 65 28 74 2e 72 65 70 6c 61 63 65 28 76 65 2c 22 24 31 22 29 2c 65 2c 6e 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 57 28 29 7b 76 61 72 20 72 3d 5b 5d 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 20 65
                                                                                                                                                                                                                          Data Ascii: (l=Y(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+Q(l[o]);c=l.join(",")}try{return k.apply(n,f.querySelectorAll(c)),n}catch(e){h(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return re(t.replace(ve,"$1"),e,n,r)}function W(){var r=[];return function e
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 75 6e 6c 6f 61 64 22 2c 4d 29 2c 6c 65 2e 67 65 74 42 79 49 64 3d 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 69 64 3d 63 65 2e 65 78 70 61 6e 64 6f 2c 21 54 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 7c 7c 21 54 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 63 65 2e 65 78 70 61 6e 64 6f 29 2e 6c 65 6e 67 74 68 7d 29 2c 6c 65 2e 64 69 73 63 6f 6e 6e 65 63 74 65 64 4d 61 74 63 68 3d 24 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 69 2e 63 61 6c 6c 28 65 2c 22 2a 22 29 7d 29 2c 6c 65 2e 73 63 6f 70 65 3d 24 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 54 2e 71 75 65 72 79 53 65 6c 65 63 74 6f
                                                                                                                                                                                                                          Data Ascii: dEventListener("unload",M),le.getById=$(function(e){return r.appendChild(e).id=ce.expando,!T.getElementsByName||!T.getElementsByName(ce.expando).length}),le.disconnectedMatch=$(function(e){return i.call(e,"*")}),le.scope=$(function(){return T.querySelecto
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2b 53 2b 22 2d 5c 72 5c 5c 27 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 6c 65 64 27 3e 3c 6f 70 74 69 6f 6e 20 73 65 6c 65 63 74 65 64 3d 27 27 3e 3c 2f 6f 70 74 69 6f 6e 3e 3c 2f 73 65 6c 65 63 74 3e 22 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 73 65 6c 65 63 74 65 64 5d 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 5c 5c 5b 22 2b 67 65 2b 22 2a 28 3f 3a 76 61 6c 75 65 7c 22 2b 66 2b 22 29 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 69 64 7e 3d 22 2b 53 2b 22 2d 5d 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 7e 3d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 64 2e 70 75 73 68 28 22 2e 23 2e
                                                                                                                                                                                                                          Data Ascii: +S+"-\r\\' disabled='disabled'><option selected=''></option></select>",e.querySelectorAll("[selected]").length||d.push("\\["+ge+"*(?:value|"+f+")"),e.querySelectorAll("[id~="+S+"-]").length||d.push("~="),e.querySelectorAll("a#"+S+"+*").length||d.push(".#.
                                                                                                                                                                                                                          2024-05-05 12:33:18 UTC1369INData Raw: 2c 21 30 29 7d 72 65 74 75 72 6e 20 30 3c 49 28 74 2c 54 2c 6e 75 6c 6c 2c 5b 65 5d 29 2e 6c 65 6e 67 74 68 7d 2c 49 2e 63 6f 6e 74 61 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 21 3d 54 26 26 56 28 65 29 2c 63 65 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 74 29 7d 2c 49 2e 61 74 74 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 21 3d 54 26 26 56 28 65 29 3b 76 61 72 20 6e 3d 62 2e 61 74 74 72 48 61 6e 64 6c 65 5b 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 2c 72 3d 6e 26 26 75 65 2e 63 61 6c 6c 28 62 2e 61 74 74 72 48 61 6e 64 6c 65 2c 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 6e 28 65 2c 74 2c 21 43
                                                                                                                                                                                                                          Data Ascii: ,!0)}return 0<I(t,T,null,[e]).length},I.contains=function(e,t){return(e.ownerDocument||e)!=T&&V(e),ce.contains(e,t)},I.attr=function(e,t){(e.ownerDocument||e)!=T&&V(e);var n=b.attrHandle[t.toLowerCase()],r=n&&ue.call(b.attrHandle,t.toLowerCase())?n(e,t,!C


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          27192.168.2.449772104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC657OUTGET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC783INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 09 Aug 2023 13:02:38 GMT
                                                                                                                                                                                                                          ETag: W/"4281e-3509-6027d181b0e38-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNidg7EC%2B0pDgR2wZSnaV0txNNpvC9aN4RAenNMxc4mFC3Pbc5rtodblNOcWtBpieqQBGnG1EES3WyEbqj%2FV%2BbzCgdPRTV1eY1SBGMfz2Ik75nMp%2FQvSJsbX%2FdQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21f0ce42d1d-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC586INData Raw: 33 35 30 39 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 4d 69 67 72 61 74 65 20 76 33 2e 34 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 26 26 28 6a 51 75 65 72 79 2e 6d 69 67 72 61 74 65 4d 75 74 65 3d 21 30 29 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 6a 71 75 65 72 79 22 5d 2c 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                          Data Ascii: 3509/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */"undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],functio
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 66 6e 2e 6a 71 75 65 72 79 2c 65 29 7d 73 2e 6d 69 67 72 61 74 65 56 65 72 73 69 6f 6e 3d 22 33 2e 34 2e 31 22 3b 76 61 72 20 74 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 3b 73 2e 6d 69 67 72 61 74 65 44 69 73 61 62 6c 65 50 61 74 63 68 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 74 5b 61 72 67 75 6d 65 6e 74 73 5b 65 5d 5d 3d 21 30 7d 2c 73 2e 6d 69 67 72 61 74 65 45 6e 61 62 6c 65 50 61 74 63 68 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 64 65 6c 65 74 65 20 74 5b 61 72 67 75 6d 65 6e 74 73 5b 65 5d 5d 7d 2c 73 2e 6d 69 67 72 61 74
                                                                                                                                                                                                                          Data Ascii: fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrat
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6f 3d 7b 7d 2c 73 2e 6d 69 67 72 61 74 65 57 61 72 6e 69 6e 67 73 2e 6c 65 6e 67 74 68 3d 30 7d 2c 22 42 61 63 6b 43 6f 6d 70 61 74 22 3d 3d 3d 6e 2e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6d 70 61 74 4d 6f 64 65 26 26 75 28 22 71 75 69 72 6b 73 22 2c 22 6a 51 75 65 72 79 20 69 73 20 6e 6f 74 20 63 6f 6d 70 61 74 69 62 6c 65 20 77 69 74 68 20 51 75 69 72 6b 73 20 4d 6f 64 65 22 29 3b 76 61 72 20 64 2c 6c 2c 70 2c 66 3d 7b 7d 2c 6d 3d 73 2e 66 6e 2e 69 6e 69 74 2c 79 3d 73 2e 66 69 6e 64 2c 68 3d 2f 5c 5b 28 5c 73 2a 5b 2d 5c 77 5d 2b 5c 73 2a 29 28 5b 7e 7c 5e 24 2a 5d 3f 3d 29 5c 73 2a 28 5b 2d 5c 77 23 5d 2a 3f 23 5b 2d 5c 77 23 5d 2a 29 5c 73 2a 5c 5d 2f 2c 67 3d 2f 5c 5b 28 5c 73 2a 5b 2d 5c 77 5d 2b 5c 73 2a 29 28 5b
                                                                                                                                                                                                                          Data Ascii: t=function(){o={},s.migrateWarnings.length=0},"BackCompat"===n.document.compatMode&&u("quirks","jQuery is not compatible with Quirks Mode");var d,l,p,f={},m=s.fn.init,y=s.find,h=/\[(\s*[-\w]+\s*)([~|^$*]?=)\s*([-\w#]*?#[-\w#]*)\s*\]/,g=/\[(\s*[-\w]+\s*)([
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 63 61 74 65 64 3b 20 75 73 65 20 4a 53 4f 4e 2e 70 61 72 73 65 22 29 2c 63 28 73 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 73 2e 68 6f 6c 64 52 65 61 64 79 2c 22 68 6f 6c 64 52 65 61 64 79 22 2c 22 6a 51 75 65 72 79 2e 68 6f 6c 64 52 65 61 64 79 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 63 28 73 2c 22 75 6e 69 71 75 65 22 2c 73 2e 75 6e 69 71 75 65 53 6f 72 74 2c 22 75 6e 69 71 75 65 22 2c 22 6a 51 75 65 72 79 2e 75 6e 69 71 75 65 20 69 73 20 64 65 70 72 65 63 61 74 65 64 3b 20 75 73 65 20 6a 51 75 65 72 79 2e 75 6e 69 71 75 65 53 6f 72 74 22 29 2c 72 28 73 2e 65 78 70 72 2c 22 66 69 6c 74 65 72 73 22 2c 73 2e 65 78 70 72 2e 70 73 65 75 64 6f 73 2c 22 65 78 70 72 2d 70 72 65 2d 70 73 65 75 64 6f 73 22 2c 22 6a 51 75 65 72 79 2e 65 78 70 72 2e 66 69
                                                                                                                                                                                                                          Data Ascii: cated; use JSON.parse"),c(s,"holdReady",s.holdReady,"holdReady","jQuery.holdReady is deprecated"),c(s,"unique",s.uniqueSort,"unique","jQuery.unique is deprecated; use jQuery.uniqueSort"),r(s.expr,"filters",s.expr.pseudos,"expr-pre-pseudos","jQuery.expr.fi
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 74 65 64 22 29 2c 63 28 73 2c 22 69 73 57 69 6e 64 6f 77 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 65 3d 3d 3d 65 2e 77 69 6e 64 6f 77 7d 2c 22 69 73 57 69 6e 64 6f 77 22 2c 22 6a 51 75 65 72 79 2e 69 73 57 69 6e 64 6f 77 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 29 2c 73 2e 61 6a 61 78 26 26 28 6c 3d 73 2e 61 6a 61 78 2c 70 3d 2f 28 3d 29 5c 3f 28 3f 3d 26 7c 24 29 7c 5c 3f 5c 3f 2f 2c 69 28 73 2c 22 61 6a 61 78 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 6c 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 65 2e 70 72 6f 6d 69 73 65 26 26 28 63 28 65 2c 22 73 75 63 63 65 73 73 22 2c 65 2e 64 6f 6e 65 2c 22 6a 71 58 48 52 2d 6d 65 74 68 6f 64
                                                                                                                                                                                                                          Data Ascii: ted"),c(s,"isWindow",function(e){return null!=e&&e===e.window},"isWindow","jQuery.isWindow() is deprecated")),s.ajax&&(l=s.ajax,p=/(=)\?(?=&|$)|\?\?/,i(s,"ajax",function(){var e=l.apply(this,arguments);return e.promise&&(c(e,"success",e.done,"jqXHR-method
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 74 68 69 73 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 29 7c 7c 22 22 3b 65 26 26 73 2e 64 61 74 61 28 74 68 69 73 2c 22 5f 5f 63 6c 61 73 73 4e 61 6d 65 5f 5f 22 2c 65 29 2c 74 68 69 73 2e 73 65 74 41 74 74 72 69 62 75 74 65 26 26 74 68 69 73 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 2c 21 65 26 26 21 31 21 3d 3d 74 26 26 73 2e 64 61 74 61 28 74 68 69 73 2c 22 5f 5f 63 6c 61 73 73 4e 61 6d 65 5f 5f 22 29 7c 7c 22 22 29 7d 29 29 7d 2c 22 74 6f 67 67 6c 65 43 6c 61 73 73 2d 62 6f 6f 6c 22 29 3b 76 61 72 20 51 2c 41 2c 52 3d 21 31 2c 43 3d 2f 5e 5b 61 2d 7a 5d 2f 2c 4e 3d 2f 5e 28 3f 3a 42 6f 72 64 65 72 28 3f
                                                                                                                                                                                                                          Data Ascii: function(){var e=this.getAttribute&&this.getAttribute("class")||"";e&&s.data(this,"__className__",e),this.setAttribute&&this.setAttribute("class",!e&&!1!==t&&s.data(this,"__className__")||"")}))},"toggleClass-bool");var Q,A,R=!1,C=/^[a-z]/,N=/^(?:Border(?
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 65 66 6c 65 63 74 2e 67 65 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 28 22 63 73 73 2d 6e 75 6d 62 65 72 22 2c 22 6a 51 75 65 72 79 2e 63 73 73 4e 75 6d 62 65 72 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 52 65 66 6c 65 63 74 2e 73 65 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 29 3a 73 2e 63 73 73 4e 75 6d 62 65 72 3d 41 29 3a 41 3d 73 2e 63 73 73 4e 75 6d 62 65 72 2c 51 3d 73 2e 66 6e 2e 63 73 73 2c 69 28 73 2e 66 6e 2c 22 63 73 73 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 72 2c 6e 2c 6f 3d 74 68 69 73 3b 72 65 74 75 72 6e 20 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 21
                                                                                                                                                                                                                          Data Ascii: eflect.get.apply(this,arguments)},set:function(){return u("css-number","jQuery.cssNumber is deprecated"),Reflect.set.apply(this,arguments)}}):s.cssNumber=A):A=s.cssNumber,Q=s.fn.css,i(s.fn,"css",function(e,t){var r,n,o=this;return e&&"object"==typeof e&&!
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 51 75 65 72 79 2e 66 78 2e 69 6e 74 65 72 76 61 6c 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 2c 6e 2e 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 73 2e 66 78 2c 22 69 6e 74 65 72 76 61 6c 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 2e 64 6f 63 75 6d 65 6e 74 2e 68 69 64 64 65 6e 7c 7c 75 28 22 66 78 2d 69 6e 74 65 72 76 61 6c 22 2c 50 29 2c 73 2e 6d 69 67 72 61 74 65 49 73 50 61 74 63 68 45 6e 61 62 6c 65 64 28 22 66 78 2d 69 6e 74 65 72 76 61 6c 22 29 26 26 76 6f 69 64 20 30 3d 3d 3d 53 3f 31 33 3a 53 7d 2c 73 65 74 3a 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                          Data Ascii: Query.fx.interval is deprecated",n.requestAnimationFrame&&Object.defineProperty(s.fx,"interval",{configurable:!0,enumerable:!0,get:function(){return n.document.hidden||u("fx-interval",P),s.migrateIsPatchEnabled("fx-interval")&&void 0===S?13:S},set:functio
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 51 75 65 72 79 2e 66 6e 2e 22 2b 74 2b 22 28 29 20 69 73 20 64 65 70 72 65 63 61 74 65 64 22 29 2c 65 2e 73 70 6c 69 63 65 28 30 2c 30 2c 74 29 2c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3f 74 68 69 73 2e 6f 6e 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 3a 28 74 68 69 73 2e 74 72 69 67 67 65 72 48 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 2c 74 68 69 73 29 29 7d 2c 22 73 68 6f 72 74 68 61 6e 64 2d 72 65 6d 6f 76 65 64 2d 76 33 22 29 7d 29 2c 73 2e 65 61 63 68 28 22 62 6c 75 72 20 66 6f 63 75 73 20 66 6f 63 75 73 69 6e 20 66 6f 63 75 73 6f 75 74 20 72 65 73 69 7a 65 20 73 63 72 6f 6c 6c 20 63 6c 69 63 6b 20 64 62 6c 63 6c 69 63 6b 20 6d 6f 75 73 65 64 6f 77 6e 20 6d 6f 75 73 65 75 70 20 6d 6f 75 73 65 6d 6f 76 65 20 6d 6f 75 73 65
                                                                                                                                                                                                                          Data Ascii: Query.fn."+t+"() is deprecated"),e.splice(0,0,t),arguments.length?this.on.apply(this,e):(this.triggerHandler.apply(this,e),this))},"shorthand-removed-v3")}),s.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouse
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 74 61 74 69 6f 6e 2e 63 72 65 61 74 65 48 54 4d 4c 44 6f 63 75 6d 65 6e 74 28 22 22 29 3b 72 65 74 75 72 6e 20 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 3d 65 2c 74 2e 62 6f 64 79 26 26 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 7d 76 61 72 20 46 3d 2f 3c 28 3f 21 61 72 65 61 7c 62 72 7c 63 6f 6c 7c 65 6d 62 65 64 7c 68 72 7c 69 6d 67 7c 69 6e 70 75 74 7c 6c 69 6e 6b 7c 6d 65 74 61 7c 70 61 72 61 6d 29 28 28 5b 61 2d 7a 5d 5b 5e 5c 2f 5c 30 3e 5c 78 32 30 5c 74 5c 72 5c 6e 5c 66 5d 2a 29 5b 5e 3e 5d 2a 29 5c 2f 3e 2f 67 69 3b 73 2e 55 4e 53 41 46 45 5f 72 65 73 74 6f 72 65 4c 65 67 61 63 79 48 74 6d 6c 50 72 65 66 69 6c 74 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 6d 69 67 72 61 74 65 45 6e 61 62 6c 65 50 61 74 63 68 65 73 28 22 73 65 6c
                                                                                                                                                                                                                          Data Ascii: tation.createHTMLDocument("");return t.body.innerHTML=e,t.body&&t.body.innerHTML}var F=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi;s.UNSAFE_restoreLegacyHtmlPrefilter=function(){s.migrateEnablePatches("sel


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          28192.168.2.449773104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC675OUTGET /wp-content/plugins/nextgen-gallery/static/Legacy/ajax.min.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          ETag: W/"1020af-ade-615c1f675be6a-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNBC9S54e9RZmgpzoXuBEftK%2BkNs8c981I392AAFXqrg06CBlpZ75yiCH6yGAWSopGU%2BCdAyR%2FtB300GnOPT%2B95knWYZzbWceSxmnL%2BFx%2FknGek1W%2BrHr0EGuW8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21f3bba2d0b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC582INData Raw: 61 64 65 0d 0a 2f 2f 20 54 4f 44 4f 3a 20 54 68 69 73 20 66 69 6c 65 20 63 61 6e 20 62 65 20 72 65 6d 6f 76 65 64 20 6f 6e 63 65 20 74 68 65 20 6d 69 6e 69 6d 75 6d 20 50 72 6f 20 41 50 49 20 76 65 72 73 69 6f 6e 20 69 73 20 34 2e 30 0a 45 61 73 79 43 6f 6f 6b 69 65 3d 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 45 50 4f 43 48 3d 27 54 68 75 2c 20 30 31 2d 4a 61 6e 2d 31 39 37 30 20 30 30 3a 30 30 3a 30 31 20 47 4d 54 27 2c 52 41 54 49 4f 3d 31 30 30 30 2a 36 30 2a 36 30 2a 32 34 2c 4b 45 59 53 3d 5b 27 65 78 70 69 72 65 73 27 2c 27 70 61 74 68 27 2c 27 64 6f 6d 61 69 6e 27 5d 2c 65 73 63 3d 65 73 63 61 70 65 2c 75 6e 3d 75 6e 65 73 63 61 70 65 2c 64 6f 63 3d 64 6f 63 75 6d 65 6e 74 2c 6d 65 3b 76 61 72 20 67 65 74 5f 6e 6f 77 3d 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                          Data Ascii: ade// TODO: This file can be removed once the minimum Pro API version is 4.0EasyCookie=(function(){var EPOCH='Thu, 01-Jan-1970 00:00:01 GMT',RATIO=1000*60*60*24,KEYS=['expires','path','domain'],esc=escape,un=unescape,doc=document,me;var get_now=functio
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 74 75 72 6e 20 72 2e 6a 6f 69 6e 28 27 3b 20 27 29 3b 7d 0a 20 20 20 20 76 61 72 20 61 6c 69 76 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6b 3d 27 5f 5f 45 43 5f 54 45 53 54 5f 5f 27 2c 76 3d 6e 65 77 20 44 61 74 65 28 29 3b 76 3d 76 2e 74 6f 47 4d 54 53 74 72 69 6e 67 28 29 3b 74 68 69 73 2e 73 65 74 28 6b 2c 76 29 3b 74 68 69 73 2e 65 6e 61 62 6c 65 64 3d 28 74 68 69 73 2e 72 65 6d 6f 76 65 28 6b 29 3d 3d 76 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 6e 61 62 6c 65 64 3b 7d 0a 20 20 20 20 6d 65 3d 7b 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 6b 65 79 2c 76 61 6c 29 7b 76 61 72 20 6f 70 74 3d 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 29 3f 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3a 7b 7d 2c 6e 6f 77 3d 67 65 74 5f 6e 6f 77 28 29 2c 65
                                                                                                                                                                                                                          Data Ascii: turn r.join('; ');} var alive=function(){var k='__EC_TEST__',v=new Date();v=v.toGMTString();this.set(k,v);this.enabled=(this.remove(k)==v);return this.enabled;} me={set:function(key,val){var opt=(arguments.length>2)?arguments[2]:{},now=get_now(),e
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC838INData Raw: 30 5d 29 2c 75 6e 28 70 5b 31 5d 29 5d 29 3b 7d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 72 3b 7d 2c 76 65 72 73 69 6f 6e 3a 27 30 2e 32 2e 31 27 2c 65 6e 61 62 6c 65 64 3a 66 61 6c 73 65 7d 3b 6d 65 2e 65 6e 61 62 6c 65 64 3d 61 6c 69 76 65 2e 63 61 6c 6c 28 6d 65 29 3b 72 65 74 75 72 6e 20 6d 65 3b 7d 28 29 29 3b 0a 0a 77 69 6e 64 6f 77 2e 4e 67 67 5f 53 74 6f 72 65 20 3d 20 7b 0a 0a 20 20 20 20 67 65 74 3a 20 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 7b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 45 61 73 79 43 6f 6f 6b 69 65 2e 67 65 74 28 6b 65 79 29 3b 0a 20 20 20 20 7d 2c 0a 0a 20 20 20 20 73 65 74 3a 20 66 75 6e 63 74 69 6f 6e 28 6b 65 79 2c 20 76 61 6c 75 65 29 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 76 61 6c 75 65
                                                                                                                                                                                                                          Data Ascii: 0]),un(p[1])]);} return r;},version:'0.2.1',enabled:false};me.enabled=alive.call(me);return me;}());window.Ngg_Store = { get: function(key){ return EasyCookie.get(key); }, set: function(key, value){ if (typeof(value
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          29192.168.2.449774104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC671OUTGET /wp-content/plugins/edd-user-history/assets/js/tracking.js?ver=1.2.0 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC846INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 341
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=660
                                                                                                                                                                                                                          ETag: "1f8b20-294-5834637ba89bd-gzip"
                                                                                                                                                                                                                          Last-Modified: Mon, 04 Mar 2019 15:14:49 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2339
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GwHT1StvnQF7iIr%2BcGD4Ja5uT%2BRnIdyQP07dmrN%2Fg3N91Lg3Cy8Mkfls8UuzD507extxXgLR%2FJevogCXNhT%2BYJDW6vHzksVOQGnMNjaDpki6N21U6XeC9kLnME%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c21fa99a3b95-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC341INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 2c 24 2c 75 6e 64 65 66 69 6e 65 64 29 7b 76 61 72 20 45 44 44 55 48 3d 7b 69 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 45 44 44 55 48 2e 74 72 61 63 6b 48 69 73 74 6f 72 79 28 29 3b 7d 2c 74 72 61 63 6b 48 69 73 74 6f 72 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 24 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 75 72 6c 3a 65 64 64 75 68 2e 61 6a 61 78 55 72 6c 2c 64 61 74 61 3a 7b 61 63 74 69 6f 6e 3a 27 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 27 2c 70 61 67 65 5f 75 72 6c 3a 65 64 64 75 68 2e 63 75 72 72 65 6e 74 55 72 6c 2c 72 65 66 65 72 72 65 72 3a 64 6f 63 75 6d 65 6e 74 2e 72 65 66 65 72 72 65 72 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                          Data Ascii: (function(window,document,$,undefined){var EDDUH={init:function(){EDDUH.trackHistory();},trackHistory:function(){$.ajax({type:"POST",url:edduh.ajaxUrl,data:{action:'edduh_track_history',page_url:edduh.currentUrl,referrer:document.referrer},success:functio


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          30192.168.2.449775104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC683OUTGET /wp-content/plugins/edd-recurring/assets/js/edd-frontend-recurring.js?ver=2.12.3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC845INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 2726
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=3851
                                                                                                                                                                                                                          ETag: "ff71e-f0b-615e2e3975a0c-gzip"
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:05 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2339
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUGoCSTh2pckZawVLFDYmvSDU1ec%2Bgu3WPzavJjlVBy3KmVqc1AJPYPctPForMtAU9O7cOe%2Bu1%2FWnE9PklJyrRrNGWvj06pfU3VhiaIBQ1eFhX%2FKS9GhvIkg03Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c22089ab3b3e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC524INData Raw: 76 61 72 20 65 64 64 5f 73 63 72 69 70 74 73 3b 6a 51 75 65 72 79 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 24 28 27 2e 65 64 64 5f 73 75 62 73 63 72 69 70 74 69 6f 6e 5f 63 61 6e 63 65 6c 27 29 2e 6f 6e 28 27 63 6c 69 63 6b 27 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 63 6f 6e 66 69 72 6d 28 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 76 61 72 73 2e 63 6f 6e 66 69 72 6d 5f 63 61 6e 63 65 6c 29 29 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 0a 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 7d 29 3b 24 28 27 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 27 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 66 6f 72 6d 3d 24 28 74 68 69 73 29 3b 69 66 28 66 6f 72 6d 2e
                                                                                                                                                                                                                          Data Ascii: var edd_scripts;jQuery(document).ready(function($){$('.edd_subscription_cancel').on('click',function(e){if(confirm(edd_recurring_vars.confirm_cancel)){return true;}return false;});$('.edd_download_purchase_form').each(function(){var form=$(this);if(form.
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 2e 73 68 6f 77 28 29 3b 7d 65 6c 73 65 20 69 66 28 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 2d 63 70 2d 63 6f 6e 74 61 69 6e 65 72 27 29 2e 6c 65 6e 67 74 68 29 7b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 5f 63 70 5f 70 72 69 63 65 27 29 2e 6b 65 79 75 70 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 72 2d 74 65 72 6d 73 2d 6e 6f 74 69 63 65 2c 2e 65 64 64 72 2d 73 69 67 6e 75 70 2d 66 65 65 2d 6e 6f 74 69 63 65 27 29 2e 68 69 64 65 28 29 3b 66 6f 72 6d 2e 66 69 6e 64 28 27 2e 65 64 64 72 2d 63 75 73 74 6f 6d 2d 74 65 72 6d 73 2d 6e 6f 74 69 63 65 2c 2e 65 64 64 72 2d 63 75 73 74 6f 6d 2d 73 69 67 6e 75 70 2d 66 65 65 2d 6e 6f 74 69 63 65 27 29 2e 73 68 6f 77 28 29 3b 7d 29 3b 7d 7d 29 3b 24 28 27 23 65 64 64 5f
                                                                                                                                                                                                                          Data Ascii: .show();}else if(form.find('.edd-cp-container').length){form.find('.edd_cp_price').keyup(function(){form.find('.eddr-terms-notice,.eddr-signup-fee-notice').hide();form.find('.eddr-custom-terms-notice,.eddr-custom-signup-fee-notice').show();});}});$('#edd_
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC833INData Raw: 6d 6f 75 6e 74 3d 24 28 27 2e 27 2b 6b 65 79 29 3b 69 66 28 61 6d 6f 75 6e 74 2e 6c 65 6e 67 74 68 29 7b 61 6d 6f 75 6e 74 2e 74 65 78 74 28 64 61 74 61 2e 72 65 63 75 72 72 69 6e 67 5f 73 6c 5b 6b 65 79 5d 29 3b 7d 7d 7d 7d 7d 0a 24 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 27 65 64 64 5f 74 61 78 65 73 5f 72 65 63 61 6c 63 75 6c 61 74 65 64 27 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 72 65 73 70 6f 6e 73 65 29 7b 69 66 28 21 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 76 61 72 73 2e 68 61 73 5f 74 72 69 61 6c 29 7b 72 65 74 75 72 6e 3b 7d 0a 6c 65 74 20 73 65 6c 65 63 74 6f 72 3d 24 28 27 2e 65 64 64 5f 72 65 63 75 72 72 69 6e 67 5f 74 72 69 61 6c 5f 74 6f 74 61 6c 5f 6e 6f 74 65 27 29 3b 69 66 28 73 65 6c 65 63 74 6f 72 26 26 24 28 27 2e 65 64
                                                                                                                                                                                                                          Data Ascii: mount=$('.'+key);if(amount.length){amount.text(data.recurring_sl[key]);}}}}}$(document.body).on('edd_taxes_recalculated',function(e,response){if(!edd_recurring_vars.has_trial){return;}let selector=$('.edd_recurring_trial_total_note');if(selector&&$('.ed


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          31192.168.2.449776104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC629OUTGET /js/anchor-offset.js?ver=2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC843INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 1179
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=2210
                                                                                                                                                                                                                          ETag: "bec90-8a2-5d42253077a66-gzip"
                                                                                                                                                                                                                          Last-Modified: Mon, 27 Dec 2021 15:26:10 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6041
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MrVDt0hxhx2U%2FfxgvkApWadZNAQgqyhJvXmrkQOFNLn%2FQDlgxwjKGnoNRKNxd4q7O6ZAd1dB5a8R%2F87qHhtdwZkAveK1D0wAb4YzI0wrGbCpOUrpB6DQGZvhGjc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c220af149c4f-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC526INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 64 6f 63 75 6d 65 6e 74 2c 68 69 73 74 6f 72 79 2c 6c 6f 63 61 74 69 6f 6e 29 7b 76 61 72 20 48 49 53 54 4f 52 59 5f 53 55 50 50 4f 52 54 3d 21 21 28 68 69 73 74 6f 72 79 26 26 68 69 73 74 6f 72 79 2e 70 75 73 68 53 74 61 74 65 29 3b 76 61 72 20 61 6e 63 68 6f 72 53 63 72 6f 6c 6c 73 3d 7b 41 4e 43 48 4f 52 5f 52 45 47 45 58 3a 2f 5e 23 5b 5e 20 5d 2b 24 2f 2c 4f 46 46 53 45 54 5f 48 45 49 47 48 54 5f 50 58 3a 37 35 2c 69 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 73 63 72 6f 6c 6c 54 6f 43 75 72 72 65 6e 74 28 29 3b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 68 61 73 68 63 68 61 6e 67 65 27 2c 74 68 69 73 2e 73 63 72 6f 6c 6c 54 6f 43 75 72 72 65 6e 74 2e 62 69 6e 64 28 74 68
                                                                                                                                                                                                                          Data Ascii: (function(document,history,location){var HISTORY_SUPPORT=!!(history&&history.pushState);var anchorScrolls={ANCHOR_REGEX:/^#[^ ]+$/,OFFSET_HEIGHT_PX:75,init:function(){this.scrollToCurrent();window.addEventListener('hashchange',this.scrollToCurrent.bind(th
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC653INData Raw: 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 68 72 65 66 2e 73 6c 69 63 65 28 31 29 29 3b 69 66 28 6d 61 74 63 68 29 7b 72 65 63 74 3d 6d 61 74 63 68 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 3b 61 6e 63 68 6f 72 4f 66 66 73 65 74 3d 77 69 6e 64 6f 77 2e 70 61 67 65 59 4f 66 66 73 65 74 2b 72 65 63 74 2e 74 6f 70 2d 74 68 69 73 2e 67 65 74 46 69 78 65 64 4f 66 66 73 65 74 28 29 3b 77 69 6e 64 6f 77 2e 73 63 72 6f 6c 6c 54 6f 28 77 69 6e 64 6f 77 2e 70 61 67 65 58 4f 66 66 73 65 74 2c 61 6e 63 68 6f 72 4f 66 66 73 65 74 29 3b 69 66 28 48 49 53 54 4f 52 59 5f 53 55 50 50 4f 52 54 26 26 70 75 73 68 54 6f 48 69 73 74 6f 72 79 29 7b 68 69 73 74 6f 72 79 2e 70 75 73 68 53 74 61 74 65 28 7b 7d 2c 64 6f 63 75 6d 65 6e 74 2e 74 69
                                                                                                                                                                                                                          Data Ascii: .getElementById(href.slice(1));if(match){rect=match.getBoundingClientRect();anchorOffset=window.pageYOffset+rect.top-this.getFixedOffset();window.scrollTo(window.pageXOffset,anchorOffset);if(HISTORY_SUPPORT&&pushToHistory){history.pushState({},document.ti


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          32192.168.2.449777104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC857OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1250INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          Set-Cookie: edduh_hash=f64c1b5ad54308ff358e35294e6cdb1a; expires=Sun, 12-May-2024 12:33:19 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                          Set-Cookie: edduh_hash=3a458d44b6e3f124fff5203a8324949c; expires=Sun, 12-May-2024 12:33:19 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4uIyn0uI8VVzsAuQYznV2CmEpkyH8ChcP5O40gXvFrP3uAEZmCY3xX7aX8aX2ElqIO5YO1EdZJQ64UD4PV49465Q3qge2G3z5wBJdmNyEBbvm81rpOzKkRxsho%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c221d8569c4f-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC119INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1INData Raw: 7d
                                                                                                                                                                                                                          Data Ascii: }


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          33192.168.2.449778104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC766OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912395 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC745INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pV5%2FYBJb4v7O7Yha9Z6%2BlJGi3rVV%2FDJNKg%2B967LjOmr6QMc3OFp1tGBrAcUq54HYV3c2rjHzPuxWqzVmHVnVhRo0Ez1Cz89mZpjgHT71RtxWun2RcRX84h02eY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2220b6b07d7-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          34192.168.2.449779104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC793OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC767INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:19 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: W/"ff8c9-865f-615e2e3b4775d-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYLRYKkD7V8F2reeuBlZ3jU4d5x63uFmwU7j6wwtW83%2BmfGpSnm9rl3v7Lf4aHQoUUvnSHUSUrgSMrMWWe%2BOOmaEmeJFOLjoK8qtNVP%2BWSTWNoXhAR%2BUw6cntew%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2226cee3974-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC602INData Raw: 37 63 62 35 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 35 2e 31 31 2e 32 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 2e 66 61 2e 66 61 2d 67 6c 61 73 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 30 22 7d 2e 66 61 2e 66 61 2d 6d 65 65 74 75 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46
                                                                                                                                                                                                                          Data Ascii: 7cb5/*! * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:'F
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 64 22 7d 2e 66 61 2e 66 61 2d 66 69 6c 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 66 69 6c 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 62 22 7d 2e 66 61 2e 66 61 2d 63 6c 6f 63 6b 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 6c 6f 63 6b 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 37 22 7d 2e 66 61 2e 66 61 2d 61 72 72 6f 77 2d 63 69 72 63 6c 65 2d 6f 2d 64 6f 77 6e 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65
                                                                                                                                                                                                                          Data Ascii: d"}.fa.fa-file-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:'Font Awe
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 68 61 72 65 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 34 64 22 7d 2e 66 61 2e 66 61 2d 63 68 65 63 6b 2d 73 71 75 61 72 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 68 65 63 6b 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 34 61 22 7d 2e 66 61 2e 66 61 2d 61 72 72 6f 77 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 62 32 22 7d 2e 66 61 2e 66 61 2d 74 69 6d 65 73 2d 63 69
                                                                                                                                                                                                                          Data Ascii: ly:'Font Awesome 5 Free';font-weight:400}.fa.fa-share-square-o:before{content:"\f14d"}.fa.fa-check-square-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-check-square-o:before{content:"\f14a"}.fa.fa-arrows:before{content:"\f0b2"}.fa.fa-times-ci
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 74 68 75 6d 62 73 2d 6f 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 35 22 7d 2e 66 61 2e 66 61 2d 68 65 61 72 74 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 65 61 72 74 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 34 22 7d 2e 66 61 2e 66 61 2d 73 69 67 6e 2d 6f 75 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 66 35 22 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 2d 73 71 75 61 72 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72
                                                                                                                                                                                                                          Data Ascii: font-weight:400}.fa.fa-thumbs-o-down:before{content:"\f165"}.fa.fa-heart-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-heart-o:before{content:"\f004"}.fa.fa-sign-out:before{content:"\f2f5"}.fa.fa-linkedin-square{font-family:'Font Awesome 5 Br
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 30 22 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 72 69 67 68 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 34 22 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 6c 65 66 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 61 6e 64 2d 6f 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 35 22 7d 2e 66 61 2e 66 61 2d 68 61 6e
                                                                                                                                                                                                                          Data Ascii: fore{content:"\f0a0"}.fa.fa-hand-o-right{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hand-o-right:before{content:"\f0a4"}.fa.fa-hand-o-left{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hand-o-left:before{content:"\f0a5"}.fa.fa-han
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 64 63 22 7d 2e 66 61 2e 66 61 2d 73 6f 72 74 2d 64 65 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 64 64 22 7d 2e 66 61 2e 66 61 2d 73 6f 72 74 2d 61 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 64 65 22 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 31 22 7d 2e 66 61 2e 66 61 2d 72 6f 74 61 74 65 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 32 22 7d 2e 66 61 2e 66 61 2d 6c 65 67 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e
                                                                                                                                                                                                                          Data Ascii: dc"}.fa.fa-sort-desc:before{content:"\f0dd"}.fa.fa-sort-asc:before{content:"\f0de"}.fa.fa-linkedin{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-linkedin:before{content:"\f0e1"}.fa.fa-rotate-left:before{content:"\f0e2"}.fa.fa-legal:before{con
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 61 2d 68 6f 73 70 69 74 61 6c 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 68 6f 73 70 69 74 61 6c 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 38 22 7d 2e 66 61 2e 66 61 2d 74 61 62 6c 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 66 61 22 7d 2e 66 61 2e 66 61 2d 6d 6f 62 69 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 63 64 22 7d 2e 66 61 2e 66 61 2d 6d 6f 62 69 6c 65 2d 70 68 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 63 64 22 7d 2e 66 61 2e 66 61 2d 63 69 72 63 6c 65 2d 6f 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20
                                                                                                                                                                                                                          Data Ascii: a-hospital-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-hospital-o:before{content:"\f0f8"}.fa.fa-tablet:before{content:"\f3fa"}.fa.fa-mobile:before{content:"\f3cd"}.fa.fa-mobile-phone:before{content:"\f3cd"}.fa.fa-circle-o{font-family:'Font
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 65 6d 70 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 39 22 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 66 75 6c 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 66 75 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 39 22 7d 2e 66 61 2e 66 61 2d 63 6f 64 65 2d 66 6f 72 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 32 36 22 7d 2e 66 61 2e 66 61 2d 63 68 61 69 6e 2d 62 72 6f 6b 65 6e 3a
                                                                                                                                                                                                                          Data Ascii: Awesome 5 Free';font-weight:400}.fa.fa-star-half-empty:before{content:"\f089"}.fa.fa-star-half-full{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-half-full:before{content:"\f089"}.fa.fa-code-fork:before{content:"\f126"}.fa.fa-chain-broken:
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 31 35 31 22 7d 2e 66 61 2e 66 61 2d 74 6f 67 67 6c 65 2d 75 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 74 6f 67 67 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 31 22 7d 2e 66 61 2e 66 61 2d 63 61 72 65 74 2d 73 71 75 61 72 65 2d 6f 2d 72 69 67 68 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 63 61 72 65 74 2d 73 71 75 61 72 65 2d 6f 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 35 32 22 7d 2e 66 61 2e 66 61 2d 74 6f 67 67 6c 65 2d
                                                                                                                                                                                                                          Data Ascii: 151"}.fa.fa-toggle-up{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-toggle-up:before{content:"\f151"}.fa.fa-caret-square-o-right{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-caret-square-o-right:before{content:"\f152"}.fa.fa-toggle-
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC1369INData Raw: 65 73 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 38 36 22 7d 2e 66 61 2e 66 61 2d 79 6f 75 74 75 62 65 2d 73 71 75 61 72 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 79 6f 75 74 75 62 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 78 69 6e 67 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 27 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 66 61 2e 66 61 2d 78 69 6e 67 2d 73 71 75 61 72 65 7b 66 6f 6e 74
                                                                                                                                                                                                                          Data Ascii: esc:before{content:"\f886"}.fa.fa-youtube-square{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-youtube{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-xing{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-xing-square{font


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          35192.168.2.449781104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC726OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:20 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxDYZS6YSAn%2FOu0Si4OW020iObd0EpFv14Za60%2FSzTOCFPZ8p%2BKlD1K15CFCwWa%2Fp1ngVjzqFyhR8Qq6s2bnBrNc06dOcKCIw3gtFvY6CA4i3M58y0REbnBEgLE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c22459fd5b0b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                          Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                          Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          36192.168.2.449782151.101.128.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC618OUTGET /v3/?ver=v3 HTTP/1.1
                                                                                                                                                                                                                          Host: js.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          If-None-Match: "2692eab1e562bacee19ab5e8f3b0b448"
                                                                                                                                                                                                                          If-Modified-Since: Sat, 04 May 2024 04:29:46 GMT
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC448INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          Cache-Control: max-age=60
                                                                                                                                                                                                                          ETag: "2692eab1e562bacee19ab5e8f3b0b448"
                                                                                                                                                                                                                          Age: 2
                                                                                                                                                                                                                          X-Request-ID: f75b41aa-ca7a-4fb9-b2ff-b00a1bd125a3
                                                                                                                                                                                                                          X-Served-By: cache-lga21925-LGA
                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                          X-Cache-Hits: 1
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Timing-Allow-Origin: *


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          37192.168.2.449783104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC857OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:19 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1258INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          Set-Cookie: edduh_hash=1f9ea3352ec85d3023c39db8ade100b6; expires=Sun, 12-May-2024 12:33:20 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                          Set-Cookie: edduh_hash=4c798686f90c46ceff63ed3c997fa277; expires=Sun, 12-May-2024 12:33:20 GMT; Max-Age=604800; path=/
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNSWL7YfvRh4AFpYgUG7t7psq%2Fkv4Ey9Pird%2BrP5ulmNa8iJALopHPySfovplS34Bs4uiEwQg4bXoMFQUgDCFVjQkKzvjrsc3HG%2F6%2FgnS6JjM7tHByBGvRWBWaM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c224bec9200c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC111INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductco
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC9INData Raw: 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: upon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          38192.168.2.449784142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912398937&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1403 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          39192.168.2.449785104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC766OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912399 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.0.1714912397.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZBG3ciROMqb0xHkIRuLhHuGNOZzsjgd%2FriN0AHdKaaXOFWbZkMIbdbT%2BN40SbAx7n9KvSNcqODi9WlN9PFMmuanh%2BFv4hN6%2BvMnw89xIsS21i8MW83wYAoR3%2FI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c225691f874a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          40192.168.2.449786104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC788OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: W/"ff8c8-da71-615e2e3b4775d-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 4464
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9sJ9%2FR43TiHM4APnRpXVytthj1x5WEGi7tApauAIYzkefahXDuO2rMBinnDvOn1fCQ21MUCfS60SK2zVsUh%2BfC8zLZosWRP2J0vr5K%2FDrRBcnIDq39Q7KM3CFw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c225787f5968-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC597INData Raw: 37 63 62 30 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 35 2e 31 31 2e 32 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 2e 66 61 2c 2e 66 61 62 2c 2e 66 61 64 2c 2e 66 61 6c 2c 2e 66 61 72 2c 2e 66 61 73 7b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 3b 2d
                                                                                                                                                                                                                          Data Ascii: 7cb0/*! * Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 65 3a 35 65 6d 7d 2e 66 61 2d 36 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 36 65 6d 7d 2e 66 61 2d 37 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 37 65 6d 7d 2e 66 61 2d 38 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 65 6d 7d 2e 66 61 2d 39 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 65 6d 7d 2e 66 61 2d 31 30 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 65 6d 7d 2e 66 61 2d 66 77 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 77 69 64 74 68 3a 31 2e 32 35 65 6d 7d 2e 66 61 2d 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 2e 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 66 61 2d 75 6c 3e 6c 69 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 61 2d 6c 69 7b 6c 65 66 74 3a 2d 32 65
                                                                                                                                                                                                                          Data Ascii: e:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2e
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 66 61 2d 73 74 61 63 6b 2d 31 78 2c 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 66 61 2d 73 74 61 63 6b 2d 31 78 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 69 6e 76 65 72 73 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 66 61 2d 35 30 30 70 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 36 65 22 7d 2e 66 61 2d 61 63 63 65 73 73 69 62 6c 65 2d 69 63 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 36 38 22 7d 2e 66 61 2d 61 63 63 75 73 6f 66 74 3a 62 65 66 6f
                                                                                                                                                                                                                          Data Ascii: fa-stack-1x,.fa-stack-2x{left:0;position:absolute;text-align:center;width:100%}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-500px:before{content:"\f26e"}.fa-accessible-icon:before{content:"\f368"}.fa-accusoft:befo
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 31 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 75 62 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 32 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 37 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 34 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 35 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 36 22 7d 2e 66 61 2d 61 6e 67 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35
                                                                                                                                                                                                                          Data Ascii: e-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-down:before{content:"\f107"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angry:before{content:"\f55
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 32 22 7d 2e 66 61 2d 61 73 74 65 72 69 73 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 36 39 22 7d 2e 66 61 2d 61 73 79 6d 6d 65 74 72 69 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 32 22 7d 2e 66 61 2d 61 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 66 61 22 7d 2e 66 61 2d 61 74 6c 61 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 38 22 7d 2e 66 61 2d 61 74 6c 61 73 73 69 61 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 37 62 22 7d 2e 66 61 2d 61 74 6f 6d 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 32 22 7d 2e 66 61 2d 61 75 64 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22
                                                                                                                                                                                                                          Data Ascii: fore{content:"\f2a2"}.fa-asterisk:before{content:"\f069"}.fa-asymmetrik:before{content:"\f372"}.fa-at:before{content:"\f1fa"}.fa-atlas:before{content:"\f558"}.fa-atlassian:before{content:"\f77b"}.fa-atom:before{content:"\f5d2"}.fa-audible:before{content:"
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 63 22 7d 2e 66 61 2d 62 65 68 61 6e 63 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 62 34 22 7d 2e 66 61 2d 62 65 68 61 6e 63 65 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 62 35 22 7d 2e 66 61 2d 62 65 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 33 22 7d 2e 66 61 2d 62 65 6c 6c 2d 73 6c 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 66 36 22 7d 2e 66 61 2d 62 65 7a 69 65 72 2d 63 75 72 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 62 22 7d 2e 66 61 2d 62 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 37 22 7d 2e 66 61 2d 62 69 63 79 63 6c
                                                                                                                                                                                                                          Data Ascii: r:before{content:"\f0fc"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-bell:before{content:"\f0f3"}.fa-bell-slash:before{content:"\f1f6"}.fa-bezier-curve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicycl
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 34 63 22 7d 2e 66 61 2d 62 6f 72 64 65 72 2d 6e 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 35 30 22 7d 2e 66 61 2d 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 35 33 22 7d 2e 66 61 2d 62 6f 77 6c 69 6e 67 2d 62 61 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 33 36 22 7d 2e 66 61 2d 62 6f 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 36 22 7d 2e 66 61 2d 62 6f 78 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 39 65 22 7d 2e 66 61 2d 62 6f 78 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 38 22 7d 2e 66 61 2d 62 72 61 69 6c 6c 65 3a 62 65
                                                                                                                                                                                                                          Data Ascii: efore{content:"\f84c"}.fa-border-none:before{content:"\f850"}.fa-border-style:before{content:"\f853"}.fa-bowling-ball:before{content:"\f436"}.fa-box:before{content:"\f466"}.fa-box-open:before{content:"\f49e"}.fa-boxes:before{content:"\f468"}.fa-braille:be
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 33 30 22 7d 2e 66 61 2d 63 61 6d 65 72 61 2d 72 65 74 72 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 33 22 7d 2e 66 61 2d 63 61 6d 70 67 72 6f 75 6e 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 62 62 22 7d 2e 66 61 2d 63 61 6e 61 64 69 61 6e 2d 6d 61 70 6c 65 2d 6c 65 61 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 35 22 7d 2e 66 61 2d 63 61 6e 64 79 2d 63 61 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 36 22 7d 2e 66 61 2d 63 61 6e 6e 61 62 69 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 66 22 7d 2e 66 61 2d 63 61 70 73 75 6c 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e
                                                                                                                                                                                                                          Data Ascii: camera:before{content:"\f030"}.fa-camera-retro:before{content:"\f083"}.fa-campground:before{content:"\f6bb"}.fa-canadian-maple-leaf:before{content:"\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{conten
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 3a 22 5c 66 33 38 30 22 7d 2e 66 61 2d 63 65 6e 74 6f 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 39 22 7d 2e 66 61 2d 63 65 72 74 69 66 69 63 61 74 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 61 33 22 7d 2e 66 61 2d 63 68 61 69 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 63 30 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 62 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 2d 74 65 61 63 68 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 63 22 7d 2e 66 61 2d 63 68 61 72 67 69 6e 67 2d 73 74 61 74 69 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 65 37 22 7d 2e 66 61 2d 63 68 61 72 74 2d 61 72
                                                                                                                                                                                                                          Data Ascii: :"\f380"}.fa-centos:before{content:"\f789"}.fa-certificate:before{content:"\f0a3"}.fa-chair:before{content:"\f6c0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-ar
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1369INData Raw: 7d 2e 66 61 2d 63 69 72 63 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 31 31 22 7d 2e 66 61 2d 63 69 72 63 6c 65 2d 6e 6f 74 63 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 63 65 22 7d 2e 66 61 2d 63 69 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 66 22 7d 2e 66 61 2d 63 6c 69 6e 69 63 2d 6d 65 64 69 63 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 66 32 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 32 38 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 2d 63 68 65 63 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 63 22 7d 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 2d 6c 69 73 74 3a 62 65 66 6f 72 65 7b
                                                                                                                                                                                                                          Data Ascii: }.fa-circle:before{content:"\f111"}.fa-circle-notch:before{content:"\f1ce"}.fa-city:before{content:"\f64f"}.fa-clinic-medical:before{content:"\f7f2"}.fa-clipboard:before{content:"\f328"}.fa-clipboard-check:before{content:"\f46c"}.fa-clipboard-list:before{


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          41192.168.2.449787104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC770OUTGET /wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.7 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:20 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 18 Mar 2024 16:01:32 GMT
                                                                                                                                                                                                                          ETag: W/"1073bf-6e9-613f178ad7b65-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HQImD621hQa%2FYEsCofCPAX1G9TWrAfBy1NU74xzquL8Wnl%2FM%2B%2FB9cvTAy6CTd%2B828WdjabR6CdyYWC7AFhRa7UCmpZw66ExH%2BjO%2FzUoLDmYT1N0nVRXEphsGh0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2258f7e082c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC582INData Raw: 36 65 39 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 28 22 2e 74 6d 6c 22 29 2e 6f 6e 28 22 73 75 62 6d 69 74 22 2c 27 66 6f 72 6d 5b 64 61 74 61 2d 61 6a 61 78 3d 22 31 22 5d 27 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 65 3d 6e 28 74 68 69 73 29 2c 73 3d 65 2e 66 69 6e 64 28 22 3a 69 6e 70 75 74 22 29 2c 74 3d 65 2e 66 69 6e 64 28 22 3a 73 75 62 6d 69 74 22 29 2c 72 3d 6e 28 61 2e 64 65 6c 65 67 61 74 65 54 61 72 67 65 74 29 2e 66 69 6e 64 28 22 2e 74 6d 6c 2d 61 6c 65 72 74 73 22 29 3b 61 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 72 2e 65 6d 70 74 79 28 29 2c 73 2e 70 72 6f 70 28 22 72 65 61 64 6f 6e 6c 79 22 2c 21 30 29 2c 74 2e 70 72 6f 70 28 22 64 69 73 61 62 6c 65 64 22 2c 21 30 29 2c 6e 2e 61 6a 61 78 28 7b 64 61 74 61 3a
                                                                                                                                                                                                                          Data Ascii: 6e9!function(n){n(".tml").on("submit",'form[data-ajax="1"]',function(a){var e=n(this),s=e.find(":input"),t=e.find(":submit"),r=n(a.delegateTarget).find(".tml-alerts");a.preventDefault(),r.empty(),s.prop("readonly",!0),t.prop("disabled",!0),n.ajax({data:
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC1194INData Raw: 6f 72 73 29 2e 66 61 64 65 49 6e 28 29 7d 29 2e 66 61 69 6c 28 66 75 6e 63 74 69 6f 6e 28 61 2c 65 2c 73 29 7b 61 2e 72 65 73 70 6f 6e 73 65 4a 53 4f 4e 2e 64 61 74 61 2e 65 72 72 6f 72 73 26 26 72 2e 68 69 64 65 28 29 2e 68 74 6d 6c 28 61 2e 72 65 73 70 6f 6e 73 65 4a 53 4f 4e 2e 64 61 74 61 2e 65 72 72 6f 72 73 29 2e 66 61 64 65 49 6e 28 29 7d 29 7d 29 7d 28 6a 51 75 65 72 79 29 2c 66 75 6e 63 74 69 6f 6e 28 73 29 7b 73 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 2c 65 3b 69 66 28 74 68 65 6d 65 4d 79 4c 6f 67 69 6e 2e 61 63 74 69 6f 6e 29 73 77 69 74 63 68 28 61 3d 73 28 22 23 75 73 65 72 5f 6c 6f 67 69 6e 22 29 2c 74 68 65 6d 65 4d 79 4c 6f 67 69 6e 2e 61 63 74 69 6f 6e 29 7b 63 61 73 65 22 61 63 74 69 76 61 74 65 22 3a 28 65 3d 73 28 22 23 6b
                                                                                                                                                                                                                          Data Ascii: ors).fadeIn()}).fail(function(a,e,s){a.responseJSON.data.errors&&r.hide().html(a.responseJSON.data.errors).fadeIn()})})}(jQuery),function(s){s(function(){var a,e;if(themeMyLogin.action)switch(a=s("#user_login"),themeMyLogin.action){case"activate":(e=s("#k
                                                                                                                                                                                                                          2024-05-05 12:33:20 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          42192.168.2.44978823.221.242.90443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:21 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                          2024-05-05 12:33:21 UTC466INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                          Server: ECAcc (chd/073D)
                                                                                                                                                                                                                          X-CID: 11
                                                                                                                                                                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                          X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                          Cache-Control: public, max-age=66627
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:21 GMT
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          X-CID: 2


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          43192.168.2.449789104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC812OUTGET /wp-content/plugins/nextgen-gallery/static/GalleryDisplay/common.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC847INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 3792
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=8713
                                                                                                                                                                                                                          ETag: "102075-2209-615c1f6758f8a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6499
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21g0GbNQfrZhpc3HAaeT2VFEcpMop5c%2BJKqCIusxm8oIeghJu38qg%2Bzl4rzx9gWR8YHWo%2Fb8xFYzbmOLzdsRHccyKu5SGZVy8LR4daCvFFH2QYJ9lVEfQCR%2FgHQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c233bda3202d-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC522INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 77 69 6e 64 6f 77 2e 4e 67 67 50 61 67 69 6e 61 74 65 64 47 61 6c 6c 65 72 79 3d 66 75 6e 63 74 69 6f 6e 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 2c 63 6f 6e 74 61 69 6e 65 72 29 7b 74 68 69 73 2e 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 3d 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 3b 74 68 69 73 2e 63 6f 6e 74 61 69 6e 65 72 3d 24 28 63 6f 6e 74 61 69 6e 65 72 29 3b 74 68 69 73 2e 63 6f 6e 74 61 69 6e 65 72 5f 6e 61 6d 65 3d 63 6f 6e 74 61 69 6e 65 72 3b 74 68 69 73 2e 67 65 74 5f 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 6f 62 6a 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 69 6e 64 65 78 3d 27 67 61 6c 6c 65 72 79 5f 27 2b 74 68 69 73 2e 64
                                                                                                                                                                                                                          Data Ascii: (function($){window.NggPaginatedGallery=function(displayed_gallery_id,container){this.displayed_gallery_id=displayed_gallery_id;this.container=$(container);this.container_name=container;this.get_displayed_gallery_obj=function(){var index='gallery_'+this.d
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 24 28 74 68 69 73 29 2e 70 61 72 65 6e 74 73 28 63 6f 6e 74 61 69 6e 65 72 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 24 28 74 68 69 73 29 2e 64 61 74 61 28 27 6e 65 78 74 67 65 6e 2d 67 61 6c 6c 65 72 79 2d 69 64 27 29 21 3d 73 65 6c 66 2e 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 5f 69 64 29 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 0a 73 6b 69 70 3d 66 61 6c 73 65 3b 7d 29 3b 69 66 28 21 73 6b 69 70 29 7b 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 7d 65 6c 73 65 7b 72 65 74 75 72 6e 3b 7d 0a 77 69 6e 64 6f 77 5b 27 6e 67 67 5f 61 6a 61 78 5f 6f 70 65 72 61 74 6f 6e 5f 63 6f 75 6e 74 27 5d 2b 2b 3b 24 28 27 62 6f 64 79 2c 20 61 27 29 2e 63 73 73 28 27 63 75 72 73 6f 72 27 2c 27 77 61 69 74 27 29 3b
                                                                                                                                                                                                                          Data Ascii: $(this).parents(container).each(function(){if($(this).data('nextgen-gallery-id')!=self.displayed_gallery_id){return true;}skip=false;});if(!skip){event.preventDefault();}else{return;}window['ngg_ajax_operaton_count']++;$('body, a').css('cursor','wait');
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 6c 65 72 79 29 7b 69 66 28 74 79 70 65 6f 66 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 27 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 27 5d 29 21 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 69 66 28 70 61 72 73 65 49 6e 74 28 64 69 73 70 6c 61 79 65 64 5f 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 27 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 27 5d 29 29 7b 74 68 69 73 2e 65 6e 61 62 6c 65 5f 61 6a 61 78 5f 70 61 67 69 6e 61 74 69 6f 6e 28 29 3b 7d 7d 7d 0a 69 66 28 74 79 70 65 6f 66 28 77 69 6e 64 6f 77 5b 27 6e 67 67 5f 61 6a 61 78 5f 6f 70 65 72 61 74 69 6f 6e 5f 63 6f 75 6e 74 27 5d 29 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 77 69 6e 64 6f 77 5b 27
                                                                                                                                                                                                                          Data Ascii: lery){if(typeof(displayed_gallery.display_settings['ajax_pagination'])!='undefined'){if(parseInt(displayed_gallery.display_settings['ajax_pagination'])){this.enable_ajax_pagination();}}}if(typeof(window['ngg_ajax_operation_count'])=='undefined'){window['
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC532INData Raw: 79 5f 69 64 2c 6e 61 6d 65 2c 64 65 66 29 7b 76 61 72 20 74 6d 70 3d 27 27 3b 76 61 72 20 67 61 6c 6c 65 72 79 3d 74 68 69 73 2e 67 65 74 5f 66 72 6f 6d 5f 69 64 28 67 61 6c 6c 65 72 79 5f 69 64 29 3b 69 66 28 67 61 6c 6c 65 72 79 26 26 74 79 70 65 6f 66 20 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 6e 61 6d 65 5d 21 3d 3d 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 74 6d 70 3d 67 61 6c 6c 65 72 79 2e 64 69 73 70 6c 61 79 5f 73 65 74 74 69 6e 67 73 5b 6e 61 6d 65 5d 3b 7d 65 6c 73 65 7b 74 6d 70 3d 64 65 66 3b 7d 0a 69 66 28 74 6d 70 3d 3d 3d 31 29 74 6d 70 3d 74 72 75 65 3b 69 66 28 74 6d 70 3d 3d 3d 30 29 74 6d 70 3d 66 61 6c 73 65 3b 69 66 28 74 6d 70 3d 3d 3d 27 31 27 29 74 6d 70 3d 74 72 75 65 3b 69 66 28 74 6d 70 3d 3d 3d
                                                                                                                                                                                                                          Data Ascii: y_id,name,def){var tmp='';var gallery=this.get_from_id(gallery_id);if(gallery&&typeof gallery.display_settings[name]!=='undefined'){tmp=gallery.display_settings[name];}else{tmp=def;}if(tmp===1)tmp=true;if(tmp===0)tmp=false;if(tmp==='1')tmp=true;if(tmp===


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          44192.168.2.449792104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC816OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/lightbox_context.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC840INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 774
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=971
                                                                                                                                                                                                                          ETag: "1020d4-3cb-615c1f675ce0a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 4618
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jV8iZUJKXpouZ7AWI70hAhb5OcxmoOkjISu%2BiKaYHNsVQcd7sgw9ihqyEDa6kiK69oYukrMsVopWpe%2FWfkkj0WMhMKeOpEjBCVt4qa5qHrFHuE60mlbmAx8b9Uo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23409228238-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC529INData Raw: 66 75 6e 63 74 69 6f 6e 20 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 66 69 6c 74 65 72 5f 73 65 6c 65 63 74 6f 72 28 24 2c 73 65 6c 65 63 74 6f 72 29 0a 7b 69 66 28 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 26 26 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 2e 63 6f 6e 74 65 78 74 29 7b 76 61 72 20 63 6f 6e 74 65 78 74 3d 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 73 65 74 74 69 6e 67 73 2e 63 6f 6e 74 65 78 74 3b 69 66 28 63 6f 6e 74 65 78 74 3d 3d 27 61 6c 6c 5f 69 6d 61 67 65 73 27 29 7b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 61 64 64 28 24 28 27 61 20 3e 20 69 6d 67 27 29 2e 70 61 72 65 6e 74 28 29 29 3b 7d 0a 65 6c 73 65 20 69 66 28 63 6f 6e 74 65 78 74 3d
                                                                                                                                                                                                                          Data Ascii: function nextgen_lightbox_filter_selector($,selector){if(nextgen_lightbox_settings&&nextgen_lightbox_settings.context){var context=nextgen_lightbox_settings.context;if(context=='all_images'){selector=selector.add($('a > img').parent());}else if(context=
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC245INData Raw: 27 6a 70 65 67 27 7c 7c 65 78 74 32 3d 3d 27 77 65 62 70 27 29 3b 7d 29 29 3b 7d 0a 65 6c 73 65 20 69 66 28 63 6f 6e 74 65 78 74 3d 3d 27 6e 65 78 74 67 65 6e 5f 61 6e 64 5f 77 70 5f 69 6d 61 67 65 73 27 29 7b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 61 64 64 28 24 28 27 61 20 3e 20 69 6d 67 5b 63 6c 61 73 73 2a 3d 22 77 70 2d 69 6d 61 67 65 2d 22 5d 27 29 2e 70 61 72 65 6e 74 28 29 29 3b 7d 0a 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 6e 6f 74 28 27 2e 67 61 6c 6c 65 72 79 5f 6c 69 6e 6b 27 29 3b 73 65 6c 65 63 74 6f 72 3d 73 65 6c 65 63 74 6f 72 2e 6e 6f 74 28 27 2e 75 73 65 5f 69 6d 61 67 65 62 72 6f 77 73 65 72 5f 65 66 66 65 63 74 27 29 3b 7d 0a 72 65 74 75 72 6e 20 73 65 6c 65 63 74 6f 72 3b 7d
                                                                                                                                                                                                                          Data Ascii: 'jpeg'||ext2=='webp');}));}else if(context=='nextgen_and_wp_images'){selector=selector.add($('a > img[class*="wp-image-"]').parent());}selector=selector.not('.gallery_link');selector=selector.not('.use_imagebrowser_effect');}return selector;}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          45192.168.2.449793104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC831OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.easing-1.3.pack.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC845INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 3199
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=6717
                                                                                                                                                                                                                          ETag: "1020c8-1a3d-615c1f675be6a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6498
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWkUsuawfB%2Fp0l4cGY5mD%2BGTQ8bnOxMd9DTnyrQtSnL6Q%2F0sgN8ZL9fVQYusOsdFLYErqfU8tMPlW8hqTBGBm63YhsTj5jCrsY0ba6ZaKKjdYyfdT4pdBxyECxk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23408152051-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC524INData Raw: 65 76 61 6c 28 66 75 6e 63 74 69 6f 6e 28 70 2c 61 2c 63 2c 6b 2c 65 2c 72 29 7b 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 28 63 3c 61 3f 27 27 3a 65 28 70 61 72 73 65 49 6e 74 28 63 2f 61 29 29 29 2b 28 28 63 3d 63 25 61 29 3e 33 35 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 63 2b 32 39 29 3a 63 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 29 7d 3b 69 66 28 21 27 27 2e 72 65 70 6c 61 63 65 28 2f 5e 2f 2c 53 74 72 69 6e 67 29 29 7b 77 68 69 6c 65 28 63 2d 2d 29 72 5b 65 28 63 29 5d 3d 6b 5b 63 5d 7c 7c 65 28 63 29 3b 6b 3d 5b 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 72 5b 65 5d 7d 5d 3b 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 27 5c 5c 77 2b 27 7d 3b 63 3d 31 7d 3b 77 68 69 6c 65 28 63 2d 2d
                                                                                                                                                                                                                          Data Ascii: eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 74 29 2a 28 74 2d 32 29 2d 31 29 2b 62 7d 2c 58 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 74 2b 62 7d 2c 55 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 28 74 3d 74 2f 64 2d 31 29 2a 74 2a 74 2b 31 29 2b 62 7d 2c 52 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 65 28 28 74 2f 3d 64 2f 32 29 3c 31 29 36 20 63 2f 32 2a 74 2a 74 2a 74 2b 62 3b 36 20 63 2f 32 2a 28 28 74 2d 3d 32 29 2a 74 2a 74 2b 32 29 2b 62 7d 2c 4e 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 74 2a 74 2b 62 7d 2c 4d 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 36 2d 63 2a 28 28 74 3d 74 2f 64 2d 31 29 2a 74 2a 74 2a 74 2d 31 29 2b 62 7d 2c 4c 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 29 7b 65 28 28 74 2f 3d 64 2f 32
                                                                                                                                                                                                                          Data Ascii: t)*(t-2)-1)+b},X:9(x,t,b,c,d){6 c*(t/=d)*t*t+b},U:9(x,t,b,c,d){6 c*((t=t/d-1)*t*t+1)+b},R:9(x,t,b,c,d){e((t/=d/2)<1)6 c/2*t*t*t+b;6 c/2*((t-=2)*t*t+2)+b},N:9(x,t,b,c,d){6 c*(t/=d)*t*t*t+b},M:9(x,t,b,c,d){6-c*((t=t/d-1)*t*t*t-1)+b},L:9(x,t,b,c,d){e((t/=d/2
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1306INData Raw: 2a 31 2e 35 29 3b 65 28 61 3c 38 2e 77 28 63 29 29 7b 61 3d 63 3b 66 20 73 3d 70 2f 34 7d 6d 20 66 20 73 3d 70 2f 28 32 2a 38 2e 67 29 2a 38 2e 72 28 63 2f 61 29 3b 65 28 74 3c 31 29 36 2d 2e 35 2a 28 61 2a 38 2e 6a 28 32 2c 31 30 2a 28 74 2d 3d 31 29 29 2a 38 2e 6e 28 28 74 2a 64 2d 73 29 2a 28 32 2a 38 2e 67 29 2f 70 29 29 2b 62 3b 36 20 61 2a 38 2e 6a 28 32 2c 2d 31 30 2a 28 74 2d 3d 31 29 29 2a 38 2e 6e 28 28 74 2a 64 2d 73 29 2a 28 32 2a 38 2e 67 29 2f 70 29 2a 2e 35 2b 63 2b 62 7d 2c 46 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 2c 73 29 7b 65 28 73 3d 3d 75 29 73 3d 31 2e 6c 3b 36 20 63 2a 28 74 2f 3d 64 29 2a 74 2a 28 28 73 2b 31 29 2a 74 2d 73 29 2b 62 7d 2c 45 3a 39 28 78 2c 74 2c 62 2c 63 2c 64 2c 73 29 7b 65 28 73 3d 3d 75 29 73 3d 31 2e 6c 3b 36 20
                                                                                                                                                                                                                          Data Ascii: *1.5);e(a<8.w(c)){a=c;f s=p/4}m f s=p/(2*8.g)*8.r(c/a);e(t<1)6-.5*(a*8.j(2,10*(t-=1))*8.n((t*d-s)*(2*8.g)/p))+b;6 a*8.j(2,-10*(t-=1))*8.n((t*d-s)*(2*8.g)/p)*.5+c+b},F:9(x,t,b,c,d,s){e(s==u)s=1.l;6 c*(t/=d)*t*((s+1)*t-s)+b},E:9(x,t,b,c,d,s){e(s==u)s=1.l;6


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          46192.168.2.449790104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC835OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC818INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 14132
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          ETag: "1020ce-3734-615c1f675ce0a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6498
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zf86g9yp41%2BmdvYOh86FMuZG3GcNhq15L%2F7ztL5hzuXWCKSZwTUSg01TfnZ9v5ClxPfZF7W7Jk1x8Lg4GkCD3lBG%2FtIg8ySUOCQ818FSaOy6D8f8cDOsj88QLk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23408ea20c4-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC551INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 63 29 7b 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 6c 2e 68 69 64 65 28 29 2c 6a 2e 6f 6e 65 72 72 6f 72 3d 6a 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 4f 26 26 4f 2e 61 62 6f 72 74 28 29 2c 73 2e 65 6d 70 74 79 28 29 7d 66 75 6e 63 74 69 6f 6e 20 68 28 29 7b 69 66 28 21 31 3d 3d 3d 6d 2e 6f 6e 45 72 72 6f 72 28 76 2c 78 2c 6d 29 29 72 65 74 75 72 6e 20 6c 2e 68 69 64 65 28 29 2c 46 3d 21 31 3b 6d 2e 74 69 74 6c 65 53 68 6f 77 3d 21 31 2c 6d 2e 77 69 64 74 68 3d 22 61 75 74 6f 22 2c 6d 2e 68 65 69 67 68 74 3d 22 61 75 74 6f 22 2c 73 2e 68 74 6d 6c 28 27 3c 70 20 69 64 3d 22 66 61 6e 63 79 62 6f 78 2d 65 72 72 6f 72 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 6e 74 65 6e 74 20 63 61 6e 6e 6f 74 20 62 65 20 6c 6f 61 64 65
                                                                                                                                                                                                                          Data Ascii: !function(c){function r(){l.hide(),j.onerror=j.onload=null,O&&O.abort(),s.empty()}function h(){if(!1===m.onError(v,x,m))return l.hide(),F=!1;m.titleShow=!1,m.width="auto",m.height="auto",s.html('<p id="fancybox-error">The requested content cannot be loade
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 7c 22 22 2c 64 2e 6e 6f 64 65 4e 61 6d 65 26 26 21 6d 2e 6f 72 69 67 26 26 28 6d 2e 6f 72 69 67 3d 63 28 64 29 2e 63 68 69 6c 64 72 65 6e 28 22 69 6d 67 3a 66 69 72 73 74 22 29 2e 6c 65 6e 67 74 68 3f 63 28 64 29 2e 63 68 69 6c 64 72 65 6e 28 22 69 6d 67 3a 66 69 72 73 74 22 29 3a 63 28 64 29 29 2c 22 22 3d 3d 3d 65 26 26 6d 2e 6f 72 69 67 26 26 6d 2e 74 69 74 6c 65 46 72 6f 6d 41 6c 74 26 26 28 65 3d 6d 2e 6f 72 69 67 2e 61 74 74 72 28 22 61 6c 74 22 29 29 2c 6e 3d 6d 2e 68 72 65 66 7c 7c 28 64 2e 6e 6f 64 65 4e 61 6d 65 3f 63 28 64 29 2e 61 74 74 72 28 22 68 72 65 66 22 29 3a 64 2e 68 72 65 66 29 7c 7c 6e 75 6c 6c 2c 21 2f 5e 28 3f 3a 6a 61 76 61 73 63 72 69 70 74 29 2f 69 2e 74 65 73 74 28 6e 29 26 26 22 23 22 21 3d 6e 7c 7c 28 6e 3d 6e 75 6c 6c 29 2c
                                                                                                                                                                                                                          Data Ascii: |"",d.nodeName&&!m.orig&&(m.orig=c(d).children("img:first").length?c(d).children("img:first"):c(d)),""===e&&m.orig&&m.titleFromAlt&&(e=m.orig.attr("alt")),n=m.href||(d.nodeName?c(d).attr("href"):d.href)||null,!/^(?:javascript)/i.test(n)&&"#"!=n||(n=null),
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 74 69 76 69 74 79 28 29 2c 28 6a 3d 6e 65 77 20 49 6d 61 67 65 29 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 68 28 29 7d 2c 6a 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 46 3d 21 30 2c 6a 2e 6f 6e 65 72 72 6f 72 3d 6a 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 42 28 29 7d 2c 6a 2e 73 72 63 3d 6e 3b 62 72 65 61 6b 3b 63 61 73 65 22 73 77 66 22 3a 6d 2e 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 2c 69 3d 27 3c 6f 62 6a 65 63 74 20 63 6c 61 73 73 69 64 3d 22 63 6c 73 69 64 3a 44 32 37 43 44 42 36 45 2d 41 45 36 44 2d 31 31 63 66 2d 39 36 42 38 2d 34 34 34 35 35 33 35 34 30 30 30 30 22 20 77 69 64 74 68 3d 22 27 2b 6d 2e 77 69 64 74 68 2b 27 22 20 68 65 69 67 68 74 3d 22 27 2b 6d 2e 68 65 69 67 68 74 2b 27 22 3e 3c 70 61 72 61 6d 20
                                                                                                                                                                                                                          Data Ascii: tivity(),(j=new Image).onerror=function(){h()},j.onload=function(){F=!0,j.onerror=j.onload=null,B()},j.src=n;break;case"swf":m.scrolling="no",i='<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="'+m.width+'" height="'+m.height+'"><param
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 64 28 63 28 22 3c 64 69 76 2f 3e 22 29 5b 30 5d 2c 7b 70 72 6f 70 3a 30 7d 29 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 6d 2e 77 69 64 74 68 2c 65 3d 6d 2e 68 65 69 67 68 74 2c 74 3d 2d 31 3c 74 2e 74 6f 53 74 72 69 6e 67 28 29 2e 69 6e 64 65 78 4f 66 28 22 25 22 29 3f 70 61 72 73 65 49 6e 74 28 28 63 28 77 69 6e 64 6f 77 29 2e 77 69 64 74 68 28 29 2d 32 2a 6d 2e 6d 61 72 67 69 6e 29 2a 70 61 72 73 65 46 6c 6f 61 74 28 74 29 2f 31 30 30 2c 31 30 29 2b 22 70 78 22 3a 22 61 75 74 6f 22 3d 3d 74 3f 22 61 75 74 6f 22 3a 74 2b 22 70 78 22 2c 65 3d 2d 31 3c 65 2e 74 6f 53 74 72 69 6e 67 28 29 2e 69 6e 64 65 78 4f 66 28 22 25 22 29 3f 70 61 72 73 65 49 6e 74 28 28 63 28 77 69 6e 64 6f 77 29 2e 68 65 69 67 68 74 28 29 2d 32 2a 6d 2e 6d 61 72 67
                                                                                                                                                                                                                          Data Ascii: d(c("<div/>")[0],{prop:0}),P=function(){var t=m.width,e=m.height,t=-1<t.toString().indexOf("%")?parseInt((c(window).width()-2*m.margin)*parseFloat(t)/100,10)+"px":"auto"==t?"auto":t+"px",e=-1<e.toString().indexOf("%")?parseInt((c(window).height()-2*m.marg
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 65 6e 74 73 28 29 29 2e 66 61 64 65 54 6f 28 43 2e 63 68 61 6e 67 65 46 61 64 65 2c 31 2c 7a 29 7d 63 2e 65 76 65 6e 74 2e 74 72 69 67 67 65 72 28 22 66 61 6e 63 79 62 6f 78 2d 63 68 61 6e 67 65 22 29 2c 66 2e 65 6d 70 74 79 28 29 2e 72 65 6d 6f 76 65 41 74 74 72 28 22 66 69 6c 74 65 72 22 29 2e 63 73 73 28 7b 22 62 6f 72 64 65 72 2d 77 69 64 74 68 22 3a 43 2e 70 61 64 64 69 6e 67 2c 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 68 65 69 67 68 74 3a 6d 2e 61 75 74 6f 44 69 6d 65 6e 73 69 6f 6e 73 3f 22 61 75 74 6f 22 3a 77 2e 68 65 69 67 68 74 2d 41 2d 32 2a 43 2e 70 61 64 64 69 6e 67 7d 29 2c 65 3f 74 28 29 3a 28 4e 2e 70 72 6f 70 3d 30 2c 63 28 4e 29 2e 61 6e 69 6d 61 74 65 28 7b 70 72 6f 70 3a 31 7d 2c 7b 64 75 72 61 74
                                                                                                                                                                                                                          Data Ascii: ents()).fadeTo(C.changeFade,1,z)}c.event.trigger("fancybox-change"),f.empty().removeAttr("filter").css({"border-width":C.padding,width:w.width-2*C.padding,height:m.autoDimensions?"auto":w.height-A-2*C.padding}),e?t():(N.prop=0,c(N).animate({prop:1},{durat
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 7b 63 61 73 65 22 69 6e 73 69 64 65 22 3a 70 2e 63 73 73 28 7b 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 6d 61 72 67 69 6e 4c 65 66 74 3a 43 2e 70 61 64 64 69 6e 67 2c 6d 61 72 67 69 6e 52 69 67 68 74 3a 43 2e 70 61 64 64 69 6e 67 7d 29 2c 41 3d 70 2e 6f 75 74 65 72 48 65 69 67 68 74 28 21 30 29 2c 70 2e 61 70 70 65 6e 64 54 6f 28 65 29 2c 77 2e 68 65 69 67 68 74 2b 3d 41 3b 62 72 65 61 6b 3b 63 61 73 65 22 6f 76 65 72 22 3a 70 2e 63 73 73 28 7b 6d 61 72 67 69 6e 4c 65 66 74 3a 43 2e 70 61 64 64 69 6e 67 2c 77 69 64 74 68 3a 77 2e 77 69 64 74 68 2d 32 2a 43 2e 70 61 64 64 69 6e 67 2c 62 6f 74 74 6f 6d 3a 43 2e 70 61 64 64 69 6e 67 7d 29 2e 61 70 70 65 6e 64 54 6f 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 66 6c 6f 61
                                                                                                                                                                                                                          Data Ascii: {case"inside":p.css({width:w.width-2*C.padding,marginLeft:C.padding,marginRight:C.padding}),A=p.outerHeight(!0),p.appendTo(e),w.height+=A;break;case"over":p.css({marginLeft:C.padding,width:w.width-2*C.padding,bottom:C.padding}).appendTo(e);break;case"floa
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 6e 53 63 72 6f 6c 6c 26 26 63 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 73 63 72 6f 6c 6c 2e 66 62 22 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 29 2c 22 69 66 72 61 6d 65 22 3d 3d 43 2e 74 79 70 65 26 26 63 28 27 3c 69 66 72 61 6d 65 20 69 64 3d 22 66 61 6e 63 79 62 6f 78 2d 66 72 61 6d 65 22 20 6e 61 6d 65 3d 22 66 61 6e 63 79 62 6f 78 2d 66 72 61 6d 65 27 2b 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 28 29 2b 27 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 68 73 70 61 63 65 3d 22 30 22 20 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 27 2b 6d 2e 73 63 72 6f 6c 6c 69 6e 67 2b 27 22 20 73 72 63 3d 22 27 2b 43 2e 68 72 65 66 2b 27 22 3e 3c 2f 69 66 72 61 6d 65 3e 27 29 2e 61 70 70 65 6e 64 54 6f 28 66 29 2c 6e 2e 73 68 6f 77 28 29 2c 46
                                                                                                                                                                                                                          Data Ascii: nScroll&&c(window).on("scroll.fb",c.fancybox.center),"iframe"==C.type&&c('<iframe id="fancybox-frame" name="fancybox-frame'+(new Date).getTime()+'" frameborder="0" hspace="0" scrolling="'+m.scrolling+'" src="'+C.href+'"></iframe>').appendTo(f),n.show(),F
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 65 5b 33 5d 2d 32 30 2c 65 5b 33 5d 2b 2e 35 2a 28 65 5b 31 5d 2d 69 2e 68 65 69 67 68 74 2d 34 30 29 29 2c 31 30 29 2c 69 2e 6c 65 66 74 3d 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28 65 5b 32 5d 2d 32 30 2c 65 5b 32 5d 2b 2e 35 2a 28 65 5b 30 5d 2d 69 2e 77 69 64 74 68 2d 34 30 29 29 2c 31 30 29 2c 69 7d 2c 52 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 2c 69 2c 6e 3d 21 21 6d 2e 6f 72 69 67 26 26 63 28 6d 2e 6f 72 69 67 29 3b 72 65 74 75 72 6e 20 6e 26 26 6e 2e 6c 65 6e 67 74 68 3f 28 28 69 3d 28 65 3d 6e 29 2e 6f 66 66 73 65 74 28 29 29 2e 74 6f 70 2b 3d 70 61 72 73 65 49 6e 74 28 65 2e 63 73 73 28 22 70 61 64 64 69 6e 67 54 6f 70 22 29 2c 31 30 29 7c 7c 30 2c 69 2e 6c 65 66 74 2b 3d 70 61 72 73 65 49 6e 74 28 65 2e 63 73 73 28
                                                                                                                                                                                                                          Data Ascii: e[3]-20,e[3]+.5*(e[1]-i.height-40)),10),i.left=parseInt(Math.max(e[2]-20,e[2]+.5*(e[0]-i.width-40)),10),i},R=function(){var t,e,i,n=!!m.orig&&c(m.orig);return n&&n.length?((i=(e=n).offset()).top+=parseInt(e.css("paddingTop"),10)||0,i.left+=parseInt(e.css(
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 61 74 61 28 22 66 61 6e 63 79 62 6f 78 22 2c 63 2e 65 78 74 65 6e 64 28 7b 63 6f 6e 74 65 6e 74 3a 74 7d 2c 65 29 29 2c 76 2e 70 75 73 68 28 74 29 3b 28 78 3e 76 2e 6c 65 6e 67 74 68 7c 7c 78 3c 30 29 26 26 28 78 3d 30 29 2c 61 28 29 7d 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 73 68 6f 77 41 63 74 69 76 69 74 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 62 29 2c 6c 2e 73 68 6f 77 28 29 2c 62 3d 73 65 74 49 6e 74 65 72 76 61 6c 28 74 2c 36 36 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 68 69 64 65 41 63 74 69 76 69 74 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 2e 68 69 64 65 28 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 63 2e 66 61 6e 63 79 62 6f 78 2e 70 6f
                                                                                                                                                                                                                          Data Ascii: ata("fancybox",c.extend({content:t},e)),v.push(t);(x>v.length||x<0)&&(x=0),a()}},c.fancybox.showActivity=function(){clearInterval(b),l.show(),b=setInterval(t,66)},c.fancybox.hideActivity=function(){l.hide()},c.fancybox.next=function(){return c.fancybox.po
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 69 67 68 74 28 29 29 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 28 21 30 29 7d 2c 63 2e 66 61 6e 63 79 62 6f 78 2e 63 65 6e 74 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3b 46 7c 7c 28 65 3d 21 30 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 3f 31 3a 30 2c 74 3d 6f 28 29 2c 21 65 26 26 28 6e 2e 77 69 64 74 68 28 29 3e 74 5b 30 5d 7c 7c 6e 2e 68 65 69 67 68 74 28 29 3e 74 5b 31 5d 29 7c 7c 6e 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 74 6f 70 3a 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28 74 5b 33 5d 2d 32 30 2c 74 5b 33 5d 2b 2e 35 2a 28 74 5b 31 5d 2d 66 2e 68 65 69 67 68 74 28 29 2d 34 30 29 2d 43 2e 70 61 64 64 69 6e 67 29 29 2c 6c 65 66 74 3a 70 61 72 73 65 49 6e 74 28 4d 61 74 68 2e 6d 61 78 28 74 5b
                                                                                                                                                                                                                          Data Ascii: ight()),c.fancybox.center(!0)},c.fancybox.center=function(){var t,e;F||(e=!0===arguments[0]?1:0,t=o(),!e&&(n.width()>t[0]||n.height()>t[1])||n.stop().animate({top:parseInt(Math.max(t[3]-20,t[3]+.5*(t[1]-f.height()-40)-C.padding)),left:parseInt(Math.max(t[


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          47192.168.2.449794104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC830OUTGET /wp-content/plugins/nextgen-gallery/static/Lightbox/fancybox/nextgen_fancybox_init.js?ver=3.59.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC842INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 508
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=962
                                                                                                                                                                                                                          ETag: "1020d2-3c2-615c1f675ce0a-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 18:11:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 1641
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCJ1Ol5zUz2fYTX84qZlhLLR%2FHrQU0M16bBjnaePNczvSSXumzL63i0IkD8lQ1UJnsBf0aS5Uuuc1ip39PHzqM8VdRcMcw5mVyFJDTUgg%2F5DeRp0g588rzk2U%2Bw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23409a37003-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC508INData Raw: 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 76 61 72 20 6e 65 78 74 67 65 6e 5f 66 61 6e 63 79 62 6f 78 5f 69 6e 69 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 73 65 6c 65 63 74 6f 72 3d 6e 65 78 74 67 65 6e 5f 6c 69 67 68 74 62 6f 78 5f 66 69 6c 74 65 72 5f 73 65 6c 65 63 74 6f 72 28 24 2c 24 28 22 2e 6e 67 67 2d 66 61 6e 63 79 62 6f 78 22 29 29 3b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 65 3d 3e 7b 6c 65 74 20 24 74 61 72 67 65 74 3d 24 28 65 2e 74 61 72 67 65 74 29 3b 69 66 28 24 74 61 72 67 65 74 2e 69 73 28 73 65 6c 65 63 74 6f 72 29 7c 7c 24 74 61 72 67 65 74 2e 70 61 72 65 6e 74 73 28 27 61 27 29 2e 69 73 28 73 65 6c 65 63 74 6f 72 29 29 7b 65 2e 70 72 65 76 65 6e 74 44 65
                                                                                                                                                                                                                          Data Ascii: jQuery(function($){var nextgen_fancybox_init=function(){var selector=nextgen_lightbox_filter_selector($,$(".ngg-fancybox"));window.addEventListener("click",e=>{let $target=$(e.target);if($target.is(selector)||$target.parents('a').is(selector)){e.preventDe


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          48192.168.2.449796192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC517OUTGET /e-202418.js HTTP/1.1
                                                                                                                                                                                                                          Host: stats.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC432INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 7329
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          x-minify: t
                                                                                                                                                                                                                          x-minify-cache: hit
                                                                                                                                                                                                                          etag: W/14377-1704402356565.5398
                                                                                                                                                                                                                          Expires: Mon, 28 Apr 2025 18:45:31 GMT
                                                                                                                                                                                                                          Cache-Control: max-age=31536000
                                                                                                                                                                                                                          Access-Control-Allow-Methods: GET, HEAD
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          X-nc: HIT dca
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC937INData Raw: 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 3d 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 7c 7c 7b 7d 3b 77 69 6e 64 6f 77 2e 5f 73 74 71 3d 77 69 6e 64 6f 77 2e 5f 73 74 71 7c 7c 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 73 74 5f 67 6f 28 74 29 7b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 76 69 65 77 22 2c 74 5d 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 6c 69 6e 6b 74 72 61 63 6b 65 72 5f 69 6e 69 74 28 74 2c 65 29 7b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 63 6c 69 63 6b 54 72 61 63 6b 65 72 49 6e 69 74 22 2c 74 2c 65 5d 29 7d 3b 77 69 6e 64 6f 77 2e 77 70 63 6f 6d 2e 73 74 61 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 6e 3b 76 61 72 20 6f 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c
                                                                                                                                                                                                                          Data Ascii: window.wpcom=window.wpcom||{};window._stq=window._stq||[];function st_go(t){window._stq.push(["view",t])};function linktracker_init(t,e){window._stq.push(["clickTrackerInit",t,e])};window.wpcom.stats=function(){var t=function(){var t,n;var o=function(t,e,
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 65 29 72 65 74 75 72 6e 3b 77 68 69 6c 65 28 22 41 22 21 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 4e 61 6d 65 29 72 65 74 75 72 6e 3b 69 66 28 22 6f 62 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 72 65 74 75 72 6e 3b 65 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 7d 3b 69 66 28 66 28 65 29 29 72 65 74 75 72 6e 3b 69 66 28 22 6a 61 76 61 73 63 72 69 70 74 3a 22 3d 3d 3d 65 2e 70 72 6f 74 6f 63 6f 6c 29 72 65 74 75 72 6e 3b 77 69 6e 64 6f 77 2e 5f 73 74 71 2e 70 75 73 68 28 5b 22 63 6c 69 63 6b 22 2c 7b 73 3a 22 32 22 2c 75 3a 65 2e 68 72 65 66 2c 72 3a 22 75 6e 64 65 66 69 6e 65 64 22 21
                                                                                                                                                                                                                          Data Ascii: ject"!==typeof e)return;while("A"!==e.nodeName){if("undefined"===typeof e.nodeName)return;if("object"!==typeof e.parentNode)return;e=e.parentNode};if(f(e))return;if("javascript:"===e.protocol)return;window._stq.push(["click",{s:"2",u:e.href,r:"undefined"!
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 2e 65 66 66 65 63 74 69 76 65 54 79 70 65 7d 69 66 28 65 2e 72 74 74 29 7b 74 2e 63 6f 6e 6e 5f 72 74 74 3d 65 2e 72 74 74 7d 69 66 28 65 2e 64 6f 77 6e 6c 69 6e 6b 29 7b 74 2e 63 6f 6e 6e 5f 64 6f 77 6e 6c 69 6e 6b 3d 65 2e 64 6f 77 6e 6c 69 6e 6b 7d 7d 69 66 28 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 29 7b 76 61 72 20 6e 3d 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 3b 69 66 28 77 69 6e 64 6f 77 2e 50 65 72 66 6f 72 6d 61 6e 63 65 4e 61 76 69 67 61 74 69 6f 6e 54 69 6d 69 6e 67 29 7b 76 61 72 20 6f 3d 6e 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 28 22 6e 61 76 69 67 61 74 69 6f 6e 22 29 5b 30 5d 3b 69 66 28 6f 2e 6e 65 78 74 48 6f 70 50 72 6f 74 6f 63 6f 6c 29 7b 74 2e 70 72 6f 74 6f 63 6f 6c 3d 6f 2e 6e 65 78 74 48 6f
                                                                                                                                                                                                                          Data Ascii: .effectiveType}if(e.rtt){t.conn_rtt=e.rtt}if(e.downlink){t.conn_downlink=e.downlink}}if(window.performance){var n=window.performance;if(window.PerformanceNavigationTiming){var o=n.getEntriesByType("navigation")[0];if(o.nextHopProtocol){t.protocol=o.nextHo
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 74 69 6f 6e 3b 66 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 63 73 73 22 3d 3d 3d 6a 29 7b 75 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 61 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 67 69 66 22 3d 3d 3d 6a 7c 7c 22 6a 70 67 22 3d 3d 3d 6a 7c 7c 22 6a 70 65 67 22 3d 3d 3d 6a 7c 7c 22 70 6e 67 22 3d 3d 3d 6a 29 7b 6c 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 64 2b 3d 31 7d 65 6c 73 65 20 69 66 28 22 77 6f 66 66 22 3d 3d 3d 6a 7c 7c 22 77 6f 66 66 32 22 3d 3d 3d 6a 7c 7c 22 74 74 66 22 3d 3d 3d 6a 7c 7c 22 6f 74 66 22 3d 3d 3d 6a 29 7b 6d 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 63 2b 3d 31 7d 65 6c 73 65 7b 77 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 73 2b 3d 31 7d 7d 65 6c 73 65 7b 77 2b 3d 45 2e 64 75 72 61 74 69 6f 6e 3b 73 2b 3d 31 7d 7d 74 2e 66 69 6c 65 73 5f 6f 72 69
                                                                                                                                                                                                                          Data Ascii: tion;f+=1}else if("css"===j){u+=E.duration;a+=1}else if("gif"===j||"jpg"===j||"jpeg"===j||"png"===j){l+=E.duration;d+=1}else if("woff"===j||"woff2"===j||"ttf"===j||"otf"===j){m+=E.duration;c+=1}else{w+=E.duration;s+=1}}else{w+=E.duration;s+=1}}t.files_ori
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 5f 75 69 3d 66 28 29 3b 74 2e 5f 75 74 3d 22 61 6e 6f 6e 22 3b 74 2e 5f 65 6e 3d 22 6a 65 74 70 61 63 6b 5f 70 61 67 65 76 69 65 77 5f 74 69 6d 69 6e 67 22 3b 76 61 72 20 65 3d 6e 65 77 20 44 61 74 65 3b 74 2e 5f 74 73 3d 65 2e 67 65 74 54 69 6d 65 28 29 3b 74 2e 5f 74 7a 3d 65 2e 67 65 74 54 69 6d 65 7a 6f 6e 65 4f 66 66 73 65 74 28 29 2f 36 30 3b 76 61 72 20 6e 3d 77 69 6e 64 6f 77 2e 6e 61 76 69 67 61 74 6f 72 3b 76 61 72 20 6f 3d 77 69 6e 64 6f 77 2e 73 63 72 65 65 6e 3b 74 2e 5f 6c 67 3d 6e 2e 6c 61 6e 67 75 61 67 65 3b 74 2e 5f 70 66 3d 6e 2e 70 6c 61 74 66 6f 72 6d 3b 74 2e 5f 68 74 3d 6f 2e 68 65 69 67 68 74 3b 74 2e 5f 77 64 3d 6f 2e 77 69 64 74 68 3b 76 61 72 20 69 3d 77 69 6e 64 6f 77 2e 70 61 67 65 58 4f 66 66 73 65 74 21 3d 3d 75 6e 64 65 66
                                                                                                                                                                                                                          Data Ascii: _ui=f();t._ut="anon";t._en="jetpack_pageview_timing";var e=new Date;t._ts=e.getTime();t._tz=e.getTimezoneOffset()/60;var n=window.navigator;var o=window.screen;t._lg=n.language;t._pf=n.platform;t._ht=o.height;t._wd=o.width;var i=window.pageXOffset!==undef
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC916INData Raw: 69 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6f 28 22 63 2e 67 69 66 22 2c 6e 28 74 29 2c 66 61 6c 73 65 29 7d 2c 63 6c 69 63 6b 54 72 61 63 6b 65 72 49 6e 69 74 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 74 2e 69 6e 69 74 28 65 2c 6e 29 7d 2c 73 61 6d 70 6c 65 50 65 72 66 6f 72 6d 61 6e 63 65 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 69 66 28 21 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 29 7b 72 65 74 75 72 6e 7d 76 61 72 20 61 3d 7b 62 6c 6f 67 3a 74 2c 70 6f 73 74 3a 65 2c 62 6c 6f 67 5f 69 64 3a 74 2c 6a 65 74 70 61 63 6b 5f 76 65 72 73 69 6f 6e 3a 72 7d 3b 64 28 61 29 3b 69 28 61 29 3b 6f 28 22 74 2e 67 69 66 22 2c 6e 28 61 29 29 7d 7d 3b 76 61 72 20 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f
                                                                                                                                                                                                                          Data Ascii: ick:function(t){o("c.gif",n(t),false)},clickTrackerInit:function(e,n){t.init(e,n)},samplePerformance:function(t,e,r){if(!window.performance){return}var a={blog:t,post:e,blog_id:t,jetpack_version:r};d(a);i(a);o("t.gif",n(a))}};var s=function(){return typeo


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          49192.168.2.449795104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC813OUTGET /wp-content/plugins/easy-digital-downloads-pro/assets/js/edd-ajax.js?ver=3.2.12 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912399.58.0.0; edduh_hash=4c798686f90c46ceff63ed3c997fa277
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC780INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 20:18:13 GMT
                                                                                                                                                                                                                          ETag: W/"105e8c-30af-61741f3f99e94-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gugS9LDsPXpnQvc3pKdsAVIFvV9l249Bt7i0AaKM8QT6kCF20dTbXt%2FSHfzk1i7nCqwkLH3ZeapEHitiUT3H5q0FNbtYhkdgM%2BvS%2BjpaxxAjOEj0jz9K6YmwN3g%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2341a865b4c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC589INData Raw: 33 30 61 66 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 64 28 61 29 7b 69 66 28 74 5b 61 5d 29 72 65 74 75 72 6e 20 74 5b 61 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 72 3d 74 5b 61 5d 3d 7b 69 3a 61 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 61 5d 2e 63 61 6c 6c 28 72 2e 65 78 70 6f 72 74 73 2c 72 2c 72 2e 65 78 70 6f 72 74 73 2c 64 29 2c 72 2e 6c 3d 21 30 2c 72 2e 65 78 70 6f 72 74 73 7d 64 2e 6d 3d 65 2c 64 2e 63 3d 74 2c 64 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 61 29 7b 64 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 61 7d 29 7d 2c 64
                                                                                                                                                                                                                          Data Ascii: 30af!function(e){var t={};function d(a){if(t[a])return t[a].exports;var r=t[a]={i:a,l:!1,exports:{}};return e[a].call(r.exports,r,r.exports,d),r.l=!0,r.exports}d.m=e,d.c=t,d.d=function(e,t,a){d.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:a})},d
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 2c 22 64 65 66 61 75 6c 74 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 2c 32 26 74 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 66 6f 72 28 76 61 72 20 72 20 69 6e 20 65 29 64 2e 64 28 61 2c 72 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 7d 2e 62 69 6e 64 28 6e 75 6c 6c 2c 72 29 29 3b 72 65 74 75 72 6e 20 61 7d 2c 64 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 64 2e 64 28 74 2c 22 61 22 2c 74 29 2c 74 7d 2c 64 2e 6f 3d 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                          Data Ascii: ,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)d.d(a,r,function(t){return e[t]}.bind(null,r));return a},d.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return d.d(t,"a",t),t},d.o=function
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 2e 72 65 6d 6f 76 65 64 29 7b 69 66 28 70 61 72 73 65 49 6e 74 28 65 64 64 5f 73 63 72 69 70 74 73 2e 70 6f 73 69 74 69 6f 6e 5f 69 6e 5f 63 61 72 74 2c 31 30 29 3d 3d 3d 70 61 72 73 65 49 6e 74 28 61 2c 31 30 29 7c 7c 65 64 64 5f 73 63 72 69 70 74 73 2e 68 61 73 5f 70 75 72 63 68 61 73 65 5f 6c 69 6e 6b 73 29 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2c 21 31 3b 65 28 22 2e 65 64 64 2d 63 61 72 74 22 29 2e 65 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 65 28 74 68 69 73
                                                                                                                                                                                                                          Data Ascii: scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){if(t.removed){if(parseInt(edd_scripts.position_in_cart,10)===parseInt(a,10)||edd_scripts.has_purchase_links)return window.location=window.location,!1;e(".edd-cart").each((function(){e(this
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 70 74 79 5f 63 61 72 74 5f 6d 65 73 73 61 67 65 2b 22 3c 2f 6c 69 3e 22 29 7d 29 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 74 72 69 67 67 65 72 28 22 65 64 64 5f 63 61 72 74 5f 69 74 65 6d 5f 72 65 6d 6f 76 65 64 22 2c 5b 74 5d 29 7d 7d 7d 29 2e 66 61 69 6c 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 26 26 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 29 7d 29 29 2e 64 6f 6e 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 7d 29 29 2c 21 31 7d 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 65 64 64 41 64 64 54 6f 43 61 72 74 22 2c 22 2e 65 64 64 2d 61 64 64 2d 74 6f 2d 63 61 72 74 22 2c 28 66 75 6e 63 74 69
                                                                                                                                                                                                                          Data Ascii: pty_cart_message+"</li>")}))),e(document.body).trigger("edd_cart_item_removed",[t])}}}).fail((function(e){window.console&&window.console.log&&console.log(e)})).done((function(e){})),!1})),e(document.body).on("click.eddAddToCart",".edd-add-to-cart",(functi
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 5f 70 61 67 65 2c 74 69 6d 65 73 74 61 6d 70 3a 64 2e 64 61 74 61 28 22 74 69 6d 65 73 74 61 6d 70 22 29 2c 74 6f 6b 65 6e 3a 64 2e 64 61 74 61 28 22 74 6f 6b 65 6e 22 29 7d 3b 72 65 74 75 72 6e 20 65 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 64 61 74 61 3a 6c 2c 64 61 74 61 54 79 70 65 3a 22 6a 73 6f 6e 22 2c 75 72 6c 3a 65 64 64 5f 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 63 3d 22 31 22 3d 3d 3d 65 64 64 5f 73 63 72 69 70 74 73 2e 72 65 64 69 72 65 63 74 5f 74 6f 5f 63 68 65 63 6b 6f 75 74 2c 73 3d 22 31 22 3d 3d 3d 61 2e 66 69 6e 64 28 22 69 6e 70 75 74 5b 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: _page,timestamp:d.data("timestamp"),token:d.data("token")};return e.ajax({type:"POST",data:l,dataType:"json",url:edd_scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){var c="1"===edd_scripts.redirect_to_checkout,s="1"===a.find("input[name
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 64 5f 67 6f 5f 74 6f 5f 63 68 65 63 6b 6f 75 74 22 2c 72 29 2e 73 68 6f 77 28 29 29 2c 22 6d 75 6c 74 69 22 3d 3d 3d 69 26 26 64 2e 72 65 6d 6f 76 65 41 74 74 72 28 22 64 61 74 61 2d 65 64 64 2d 6c 6f 61 64 69 6e 67 22 29 2c 65 28 22 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 22 29 2e 6c 65 6e 67 74 68 26 26 28 22 6e 6f 22 3d 3d 3d 6f 7c 7c 21 61 2e 66 69 6e 64 28 22 2e 65 64 64 5f 70 72 69 63 65 5f 6f 70 74 69 6f 6e 5f 22 2b 6e 29 2e 69 73 28 22 69 6e 70 75 74 3a 68 69 64 64 65 6e 22 29 29 29 7b 76 61 72 20 5f 3d 65 28 27 2e 65 64 64 5f 64 6f 77 6e 6c 6f 61 64 5f 70 75 72 63 68 61 73 65 5f 66 6f 72 6d 20 2a 5b 64 61 74 61 2d 64 6f 77 6e 6c 6f 61 64 2d 69 64 3d 22 27 2b 6e 2b 27 22 5d 27 29 2e 70 61 72 65 6e 74 73 28
                                                                                                                                                                                                                          Data Ascii: d_go_to_checkout",r).show()),"multi"===i&&d.removeAttr("data-edd-loading"),e(".edd_download_purchase_form").length&&("no"===o||!a.find(".edd_price_option_"+n).is("input:hidden"))){var _=e('.edd_download_purchase_form *[data-download-id="'+n+'"]').parents(
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 3b 76 61 72 20 61 3d 7b 61 63 74 69 6f 6e 3a 22 65 64 64 5f 70 72 6f 63 65 73 73 5f 63 68 65 63 6b 6f 75 74 5f 6c 6f 67 69 6e 22 2c 65 64 64 5f 61 6a 61 78 3a 31 2c 65 64 64 5f 75 73 65 72 5f 6c 6f 67 69 6e 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 69 65 6c 64 73 20 23 65 64 64 5f 75 73 65 72 5f 6c 6f 67 69 6e 22 29 2e 76 61 6c 28 29 2c 65 64 64 5f 75 73 65 72 5f 70 61 73 73 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 66 69 65 6c 64 73 20 23 65 64 64 5f 75 73 65 72 5f 70 61 73 73 22 29 2e 76 61 6c 28 29 2c 65 64 64 5f 6c 6f 67 69 6e 5f 6e 6f 6e 63 65 3a 65 28 22 23 65 64 64 5f 6c 6f 67 69 6e 5f 6e 6f 6e 63 65 22 29 2e 76 61 6c 28 29 7d 3b 65 2e 70 6f 73 74 28 65 64 64 5f 67 6c 6f 62 61 6c 5f 76 61 72 73 2e 61 6a 61 78 75 72 6c 2c 61 2c 28 66 75 6e
                                                                                                                                                                                                                          Data Ascii: ;var a={action:"edd_process_checkout_login",edd_ajax:1,edd_user_login:e("#edd_login_fields #edd_user_login").val(),edd_user_pass:e("#edd_login_fields #edd_user_pass").val(),edd_login_nonce:e("#edd_login_nonce").val()};e.post(edd_global_vars.ajaxurl,a,(fun
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 79 3a 64 2e 76 61 6c 28 29 2c 66 69 65 6c 64 5f 6e 61 6d 65 3a 72 2c 6e 6f 6e 63 65 3a 65 28 74 68 69 73 29 2e 64 61 74 61 28 22 6e 6f 6e 63 65 22 29 7d 3b 65 2e 61 6a 61 78 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 64 61 74 61 3a 69 2c 75 72 6c 3a 65 64 64 5f 73 63 72 69 70 74 73 2e 61 6a 61 78 75 72 6c 2c 78 68 72 46 69 65 6c 64 73 3a 7b 77 69 74 68 43 72 65 64 65 6e 74 69 61 6c 73 3a 21 30 7d 2c 73 75 63 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 64 3b 28 64 3d 22 6e 6f 73 74 61 74 65 73 22 3d 3d 3d 65 2e 74 72 69 6d 28 74 29 3f 27 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 69 64 3d 22 27 2b 72 2b 27 22 20 6e 61 6d 65 3d 22 63 61 72 64 5f 73 74 61 74 65 22 20 63 6c 61 73 73 3d 22 63 61 72 64 2d 73 74 61 74 65 20 65 64
                                                                                                                                                                                                                          Data Ascii: y:d.val(),field_name:r,nonce:e(this).data("nonce")};e.ajax({type:"POST",data:i,url:edd_scripts.ajaxurl,xhrFields:{withCredentials:!0},success:function(t){var d;(d="nostates"===e.trim(t)?'<input type="text" id="'+r+'" name="card_state" class="card-state ed
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1369INData Raw: 72 72 6f 72 22 2c 5b 74 5d 29 29 7d 29 29 7d 7d 29 29 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 68 61 6e 67 65 22 2c 22 23 65 64 64 5f 63 63 5f 61 64 64 72 65 73 73 20 69 6e 70 75 74 2e 63 61 72 64 5f 73 74 61 74 65 2c 20 23 65 64 64 5f 63 63 5f 61 64 64 72 65 73 73 20 73 65 6c 65 63 74 2c 20 23 65 64 64 5f 61 64 64 72 65 73 73 5f 63 6f 75 6e 74 72 79 2c 20 2e 65 64 64 2d 73 74 72 69 70 65 2d 63 61 72 64 2d 69 74 65 6d 20 2e 63 61 72 64 2d 61 64 64 72 65 73 73 2d 66 69 65 6c 64 73 20 2e 61 64 64 72 65 73 73 5f 63 6f 75 6e 74 72 79 22 2c 6e 29 2c 77 69 6e 64 6f 77 2e 75 70 64 61 74 65 5f 73 74 61 74 65 5f 66 69 65 6c 64 3d 6e 2c 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2e 6f 6e 28 22 63 68 61 6e 67 65 22 2c 22 23 65 64 64
                                                                                                                                                                                                                          Data Ascii: rror",[t]))}))}})),e(document.body).on("change","#edd_cc_address input.card_state, #edd_cc_address select, #edd_address_country, .edd-stripe-card-item .card-address-fields .address_country",n),window.update_state_field=n,e(document.body).on("change","#edd
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC930INData Raw: 6e 67 5f 63 6f 75 6e 74 72 79 22 29 2e 76 61 6c 28 29 2c 5f 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 61 64 64 72 65 73 73 22 29 2e 76 61 6c 28 29 2c 6c 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 61 64 64 72 65 73 73 5f 32 22 29 2e 76 61 6c 28 29 2c 75 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 63 69 74 79 22 29 2e 76 61 6c 28 29 2c 70 3d 63 2e 66 69 6e 64 28 22 23 63 61 72 64 5f 73 74 61 74 65 22 29 2e 76 61 6c 28 29 3b 74 7c 7c 28 74 3d 70 29 3b 76 61 72 20 6d 3d 7b 61 63 74 69 6f 6e 3a 22 65 64 64 5f 72 65 63 61 6c 63 75 6c 61 74 65 5f 74 61 78 65 73 22 2c 63 61 72 64 5f 61 64 64 72 65 73 73 3a 5f 2c 63 61 72 64 5f 61 64 64 72 65 73 73 5f 32 3a 6c 2c 63 61 72 64 5f 63 69 74 79 3a 75 2c 63 61 72 64 5f 7a 69 70 3a 63 2e 66 69 6e 64 28 22 23 63 61
                                                                                                                                                                                                                          Data Ascii: ng_country").val(),_=c.find("#card_address").val(),l=c.find("#card_address_2").val(),u=c.find("#card_city").val(),p=c.find("#card_state").val();t||(t=p);var m={action:"edd_recalculate_taxes",card_address:_,card_address_2:l,card_city:u,card_zip:c.find("#ca


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          50192.168.2.449797142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912398937&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=3791 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          51192.168.2.449798142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC1691OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912398937&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          52192.168.2.44979123.221.242.90443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                          Range: bytes=0-2147483646
                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC773INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                          ApiVersion: Distribute 1.1
                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                          X-CID: 7
                                                                                                                                                                                                                          X-CCC: US
                                                                                                                                                                                                                          X-Azure-Ref-OriginShield: Ref A: 8BFC17DD061B46CAAD2B2AEB7B19C3D8 Ref B: CH1AA2040901011 Ref C: 2023-07-21T06:04:00Z
                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 1421F39FA7224BE199CC2F2C3DD24574 Ref B: CHI30EDGE0415 Ref C: 2023-07-21T06:04:00Z
                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                          X-Azure-Ref: 0DMGnYgAAAACXaXykPZuVRq4aV6pCkeO8U0pDRURHRTAzMTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                                                                                                                                                                                                          Cache-Control: public, max-age=66626
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Length: 55
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          X-CID: 2
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          53192.168.2.449800104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC822OUTGET /wp-content/themes/meminz/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: font
                                                                                                                                                                                                                          Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20240503
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC767INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:22 GMT
                                                                                                                                                                                                                          Content-Type: font/woff2
                                                                                                                                                                                                                          Content-Length: 66624
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 23 Nov 2015 14:28:42 GMT
                                                                                                                                                                                                                          ETag: "103a3b-10440-525360aba5a80"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 5429
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6oeQg96dJN6K6ME5PBA7EW2vqSXbr9V9K0V1uL8Au%2FcRp43xWbv7rmJbAERzuu%2BvDLHrbGJVU6HOW9uRdPhWk4Qrh9nCVuZ6264AKu0A8%2BjYDX%2BqEVg%2Bs1ykXA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2366f045a28-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC602INData Raw: 77 4f 46 32 00 01 00 00 00 01 04 40 00 0e 00 00 00 02 2a e8 00 01 03 e0 00 04 01 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 06 60 00 85 72 11 08 0a 87 f6 1c 86 b0 35 01 36 02 24 03 94 0a 0b 8a 10 00 04 20 05 87 08 07 b0 20 3f 77 65 62 66 06 5b fc c1 91 80 d6 40 d6 8c 17 e5 a6 6e 43 80 c7 cb 9c e5 74 01 54 4c b7 c9 a1 f4 66 05 88 d6 74 1d a1 c8 c8 b0 71 00 c6 e8 a9 35 fb ff ff ff 3f 3d 69 88 6c e5 d2 91 5c db 76 6c 20 82 03 54 ff 83 ec 90 62 16 d2 15 d9 20 f4 31 07 66 c3 ba 9e 37 d4 54 87 51 d3 0a 8a 82 44 13 3b 3a bf d0 ae 12 31 95 6c d7 be 6a 76 88 af 65 d2 07 ec d2 6e 93 0f 45 89 a8 07 df a0 6b 35 3e ef a3 64 0f 37 51 a9 6c 8a 7f 42 61 94 dc 0a 92 75 e2 78 5d 2e f9 85 8b d6 f9 c0 57 92 43 b5 86 91 c8 24 ae 38
                                                                                                                                                                                                                          Data Ascii: wOF2@*?FFTM `r56$ ?webf[@nCtTLftq5?=il\vl Tb 1f7TQD;:1ljvenEk5>d7QlBaux].WC$8
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: c6 36 6b 2e d5 39 5d ba a8 76 1d 1f eb a1 9a ea ff ac 24 43 66 b4 76 c0 76 fa 10 78 40 10 b0 2d 4a b8 60 47 b0 97 d9 77 d4 fe 77 5b 10 d8 41 83 c0 14 13 04 b8 e5 34 03 6d 73 49 3e 00 c5 ff cf 69 ef d9 cf 13 f3 18 1e 70 05 c3 80 46 28 32 62 b5 bb da 18 7e 48 c9 5d 4a 95 5d 94 b1 6a dd b9 ad dc d4 46 cd 66 2d 7e 0b 40 fc c7 f3 c5 1a fa 67 67 0f 42 a0 2d a0 05 54 78 ee 25 a9 aa 70 55 d5 75 9e 8c 6d 65 07 ce 09 06 27 bf fa b2 ba 01 1c e2 e5 3b c6 01 e8 40 37 d0 0d 74 03 3d 70 4e d0 03 ea b2 fa 1d 0f 2f 5f 1f 55 38 c0 80 0d 94 ef 72 e2 86 c0 f0 ff 73 f6 9d f3 58 3d 67 d7 af 84 84 c2 48 08 11 a0 9d 1a ed 88 e8 95 16 6a 94 11 63 d8 d9 8e 90 dc 9f 64 d7 93 5f 31 6c 3a 31 69 81 e2 49 a0 b4 54 94 72 84 d7 3e a3 ba aa ed c0 76 7b 47 62 d8 b6 b1 a9 54 31 2a ef f1 d2
                                                                                                                                                                                                                          Data Ascii: 6k.9]v$Cfvvx@-J`Gww[A4msI>ipF(2b~H]J]jFf-~@ggB-Tx%pUume';@7t=pN/_U8rsX=gHjcd_1l:1iITr>v{GbT1*
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: bb 50 d5 24 e3 d4 44 af 11 e8 7d 11 15 5c a8 8b b0 5a 28 69 31 c7 25 87 84 d7 77 65 1a 36 41 d2 d5 95 bc 07 ac 8d 4a 5d 16 4d 34 65 b4 88 20 c3 67 b8 92 c4 c8 e5 62 f1 94 3e 6a 40 91 14 a6 dc 65 55 77 0a 75 a7 4e ea 53 33 15 40 7d 08 a2 b7 33 41 ee 99 58 c3 ca 3f 64 b5 9b 7a ac 38 69 1e 14 43 2f d5 c1 c9 9b c4 00 e5 4a 4b 45 00 af 96 c4 27 26 85 c4 5d e1 10 3d cf 7a ce ff 1a ba 5f a1 84 1f 7a 3b 90 f9 08 fd 1e 10 e5 26 e8 d9 1c 4b 0d 12 c6 06 52 e2 88 8f 57 03 6b c3 34 39 0c 93 00 bf 81 65 01 62 87 2c ec 9e 67 38 e3 ef 7b 6f 3e e2 64 bc 62 37 6c 31 6a f5 7c ca 98 80 12 55 de f3 00 b5 6f ca 23 cf df 5b 55 09 7b 33 37 2a 2a 45 f2 03 66 5b 0f 44 34 47 6a 41 fb d1 a2 0d 27 e1 3a ef 9e 19 e3 d2 de cc c9 f8 d4 85 38 b6 fc 60 57 bf 07 46 14 f1 92 1d f3 63 6b 4f
                                                                                                                                                                                                                          Data Ascii: P$D}\Z(i1%we6AJ]M4e gb>j@eUwuNS3@}3AX?dz8iC/JKE'&]=z_z;&KRWk49eb,g8{o>db7l1j|Uo#[U{37**Ef[D4GjA':8`WFckO
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: d3 9e a4 1e 20 0f 02 bc b7 1a 4a e9 38 61 34 da 36 a4 26 d7 30 33 33 3d d5 06 05 39 9e 05 29 ca 76 cc 9e ae f5 be 26 d2 da cd 4a 50 56 de fd cc 1a cb a2 30 fa db 5c 98 71 ac 24 ae b6 a9 48 ea e9 59 10 88 31 69 b6 be 39 ff 1e 2f 99 69 a3 7d ab b7 34 2c 7f 72 a4 d3 70 d5 bb 80 a6 72 cd 57 c7 75 62 cf 15 88 f9 69 dc 9d 13 b3 46 b7 23 a3 0b 1b 5d c0 ee 17 95 da b1 29 62 ab ba cb 2f cf 35 02 ac d5 4c 4e f4 8e 05 c7 23 0e 27 84 4f 67 ad 1a 6e 9a 78 28 61 d3 91 14 c4 10 25 b3 63 74 bd b0 eb 11 7b e9 96 26 9b 5c 60 fd db d5 ee cd ce 4e 9e cb c4 51 f8 6d a0 8b 87 95 d0 ae 9c 05 54 c9 bd d5 e3 7d c7 e9 48 79 fe ca c9 91 5c 2e 5f 2d d3 1d 6b f0 ae cc f0 c6 73 ff c1 74 aa 2a ce f8 35 24 78 8c 29 4d b5 2f ab e7 86 a1 d9 54 3d 62 71 7b 3a ee 01 59 44 db f0 e0 04 62 1e
                                                                                                                                                                                                                          Data Ascii: J8a46&033=9)v&JPV0\q$HY1i9/i}4,rprWubiF#])b/5LN#'Ognx(a%ct{&\`NQmT}Hy\._-kst*5$x)M/T=bq{:YDb
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 34 d3 20 ce aa 02 ca a1 68 24 81 e8 e0 44 b1 a4 b8 94 17 a9 ff eb 49 e1 f9 ed 50 31 87 52 75 a9 6e 36 cd 8f de 3c 5b 78 f8 38 52 77 8a 71 19 e3 e3 74 51 49 9c a4 9e 61 20 0a be 32 c2 5f 55 fb 5a 98 93 89 24 ee 56 20 98 f1 1e 5e 58 47 72 e7 0e 03 3d 0b 98 9e 77 9c 44 df 75 4a 7a b0 01 da 1c 6b 33 bb ac 9c 50 45 00 76 ae 60 9e 8b 2e 4f 52 38 5d 05 19 64 01 af 8b 24 46 f3 1b 7c 3e f8 6c a7 3f b5 62 78 35 b6 a3 52 d5 12 02 14 ce e9 6b 1b 2f 60 08 82 02 43 11 06 9b 2a 67 87 5f fe bf 04 4e ad 98 39 fa 0a 1b ea 6a e7 0e 3d 34 41 aa a3 43 43 63 82 f8 0f 73 83 ee f1 34 4e aa 6f 20 47 10 05 16 05 a2 9c 92 ac 32 95 b6 2a 38 ea 14 ca 72 4a 18 69 16 91 4f 56 3f f3 b0 da 75 8e 56 4e 95 6f 50 fe ca 43 c7 df 97 a9 b8 6c 9d d3 fc 92 ae 17 0e a7 c3 49 44 16 d6 b3 c8 74 ef
                                                                                                                                                                                                                          Data Ascii: 4 h$DIP1Run6<[x8RwqtQIa 2_UZ$V ^XGr=wDuJzk3PEv`.OR8]d$F|>l?bx5Rk/`C*g_N9j=4ACCcs4No G2*8rJiOV?uVNoPClIDt
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: dc 8e 60 30 ef d1 ab 65 e5 8b 56 ce ae 88 d4 7b 1e 44 46 6e 2d 8f 24 f9 2b 3c 77 a0 5f 19 11 e3 c1 d0 fa 07 a4 b1 5f 29 21 91 78 6c 27 98 4c 45 d2 3f f0 6d c4 e0 3c 47 ce 5b e3 54 ff 8f 2a 31 f6 d7 09 31 e7 db ac 27 ff 36 ce 4f b3 24 c0 e7 99 de fc 71 e9 e9 e3 82 f8 88 f5 14 75 cd f7 34 94 61 7c 39 3d 99 ad 16 f5 1f 17 2b 35 9b 9b 15 bd bd 9c b0 dc f8 86 bf ea 1a 13 49 72 99 4e 4b 25 98 04 6e 55 fa f6 64 ff 89 cb 53 bc be b2 71 b1 6c ae cb 15 27 d7 58 6d 3e 3e 55 5d d7 0c 1f ac 5a b1 08 75 49 d9 34 a9 0a f7 71 bf 4b a2 74 31 9f 94 19 9e a5 72 59 bd 8d 78 92 69 cb 4d a9 57 74 ff e2 39 5a c6 56 11 4e 6f 08 a3 d1 5f 7e 77 d0 a0 c2 7d 5e df 50 72 3a 10 af 86 63 5e c1 fa a8 4a b0 b9 71 d6 6f 14 c3 c4 ff 4b 66 3d 59 20 97 cc 15 73 c3 f4 0f cf e7 72 f6 38 ed 03
                                                                                                                                                                                                                          Data Ascii: `0eV{DFn-$+<w__)!xl'LE?m<G[T*11'6O$qu4a|9=+5IrNK%nUdSql'Xm>>U]ZuI4qKt1rYxiMWt9ZVNo_~w}^Pr:c^JqoKf=Y sr8
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 12 25 70 6f 36 94 c2 5a b3 23 6a d6 c7 12 27 cf c1 6c 9a 1f 32 46 09 ce 3b 78 c6 45 c6 07 7d 6f 77 8e 91 cc f0 73 48 b7 25 9f 6d fe b9 9f 4f 17 d5 4d 98 0e a7 25 95 a3 81 78 42 20 ea 57 ce 62 c4 f3 d2 b8 cb 6a f9 30 e2 ab eb 04 19 8e 01 f9 89 8e 03 dd c1 f1 de 15 17 4c 18 99 e6 04 f3 40 e5 e8 3a 49 cf e0 39 aa 8a 70 8a 74 e5 b0 0d f9 b4 04 5d a6 78 55 db 54 2a 67 b4 b5 0a 2d 72 31 5b 50 7c 3a 24 95 f3 47 b4 c1 6f b3 89 3c 9e d8 36 35 21 ae a0 23 40 be 60 09 27 1c ce 52 c3 ae 46 d3 97 a2 6d 0d 85 6d d3 80 16 df 93 5c 89 0c eb de 3a 05 98 ab c8 a2 78 99 61 00 99 da df 70 d9 fc be aa bd 91 28 33 bf d2 da a9 1a 34 ef 6a e3 28 e1 6e 19 7b d4 75 59 7c 62 74 d1 f7 8f 9d c1 29 05 26 1d d8 38 73 55 02 8d 2d 91 d5 f0 ec fb f4 19 9d c8 3f 2a 6c 5b 9c 47 0f 2f 55 71
                                                                                                                                                                                                                          Data Ascii: %po6Z#j'l2F;xE}owsH%mOM%xB Wbj0L@:I9pt]xUT*g-r1[P|:$Go<65!#@`'RFmm\:xap(34j(n{uY|bt)&8sU-?*l[G/Uq
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: e4 89 e4 39 31 14 9b bc 93 f5 52 b8 ca 84 22 7c 72 9b 72 49 b5 4f db e5 35 ee 06 42 2f ab 62 7d 41 0c ff c4 7e fa d1 53 b0 8e 90 3c 7d 1a e0 fe cb 36 2f 7e ac c8 52 64 d6 de d5 66 36 c4 4c 49 6b 84 f1 b8 29 36 67 47 af a2 1a d3 8b d3 e6 9e 3a ed 5c 18 36 75 95 a8 21 3d a7 a8 a2 2f 30 0f 32 d4 4a 9d 22 47 1d f5 f6 78 5a 3a 53 bb 98 c5 fb 6d 79 fb fd 33 ad 52 32 cb 91 59 64 66 5f 8f 6a bf 37 2a 69 08 21 45 34 e1 c7 a5 ac 3f 87 92 c3 d4 8d 44 3c 10 21 06 9e 09 5d 8a c6 ce d4 df 49 f1 5a f9 a3 26 6d 05 1e 4f 25 ad 76 eb dc d1 12 7e 90 a3 b4 5c cc fd b0 96 ca 4d d1 9b 13 d7 67 2f 53 cd 43 28 9f 0f f8 d9 4a a3 4c 08 59 c5 83 6f 43 1b 88 b6 3c e3 4e 3f 8b 91 47 7c 96 2e b1 e9 71 56 cc c3 46 cc 7f ad 3c 20 8a ca 73 6c 74 cf 93 94 21 b1 61 cd e8 d4 c9 50 ad 7d d3
                                                                                                                                                                                                                          Data Ascii: 91R"|rrIO5B/b}A~S<}6/~Rdf6LIk)6gG:\6u!=/02J"GxZ:Smy3R2Ydf_j7*i!E4?D<!]IZ&mO%v~\Mg/SC(JLYoC<N?G|.qVF< slt!aP}
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 14 f1 df fe cc 0c dd 32 b8 94 9b 10 e8 41 aa f7 9c b4 a5 7c bb e8 7f 12 6d dd a5 7c e4 b5 dc 55 cf a0 69 f7 16 cd 8f 58 b1 b5 c4 5e fd b7 ca b9 e3 9c f1 e1 ba d6 71 1a d6 93 bb 90 98 4a 87 15 02 b1 cb b2 0f 9a 02 e9 7e c3 6e 26 6b 69 0c a7 60 13 3b 18 bd 63 bb 40 62 4a 62 b2 32 a2 21 09 9e cd 85 83 0c 4d 0b 76 51 d4 18 45 73 c2 c5 24 f6 cb 39 c7 b3 f4 ef 8a 72 7b 55 39 34 88 e1 32 e2 13 de 49 c4 d7 a2 92 94 c2 13 0c 34 f9 c9 dc 28 0c b2 4e 44 04 91 45 a5 22 d4 ad a0 6c e8 f1 bc d0 f7 7c a4 97 d2 2d d8 6b 6c 13 57 4a d7 32 b3 d8 43 7e da 69 bb 00 b5 74 22 1f 13 23 08 97 6a 08 af 75 47 6f ae e8 b7 a0 83 d1 0f 7c e9 cf f9 ad 8b 8b fd 44 03 e2 ef 3c af 90 ce 3c 9e a3 fe 8f 0e 0e ff bd 87 a1 d1 3f 60 a4 19 46 da 93 55 95 31 8e 9e eb 43 f5 c9 48 59 8b a4 b4 e0
                                                                                                                                                                                                                          Data Ascii: 2A|m|UiX^qJ~n&ki`;c@bJb2!MvQEs$9r{U942I4(NDE"l|-klWJ2C~it"#juGo|D<<?`FU1CHY
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 e2 f7 be 25 99 7d 8c b4 ac 40 4e ad 57 f7 74 b6 72 c6 81 a8 bd e4 9c 43 de 8f da a8 50 97 d8 e7 50 2e 41 c9 d2 87 b2 39 05 3b 70 c0 f9 ff b7 69 e3 9d e1 b2 5a 5d cb a8 cb 9b d9 15 8d bd 29 85 eb ae 9c e3 79 f7 46 4a c2 4a 1c 2d e2 2f 29 b6 fb 60 2f 4c 7e 2d d8 1e 42 b8 74 b8 27 cf 5a 85 13 a7 ac f3 ea 85 67 93 66 3a 94 4a ee 4d ee 63 7b b1 83 66 c8 99 3d e9 54 38 86 3d 8a fb 88 12 e4 75 6e a4 df de 27 81 77 b4 d9 86 f1 a7 52 69 78 2b 68 05 96 a2 b1 95 54 d3 1e f3 a4 15 36 e7 d1 21 65 1d 10 82 df 49 94 61 9a 36 4e 70 d5 3f 0d d2 bb bf e1 a1 c9 08 4b a0 01 cd 03 d5 f4 0d 96 d2 1e 7c 4e 1d cf cf cf 13 69 cd b6 82 9a 10 3e bb 41 08 5c e4 cb 1a 7d 2a 6e cc a8 f0 05 37 2c 95 8a 4d 25 6a 5c 63 c7 a8 19 b1 00 fb c8 7e b6 b5 ab 55 ae 3b 3c cc 2a 2b 33 92 cd e4
                                                                                                                                                                                                                          Data Ascii: i%}@NWtrCPP.A9;piZ])yFJJ-/)`/L~-Bt'Zgf:JMc{f=T8=un'wRix+hT6!eIa6Np?K|Ni>A\}*n7,M%j\c~U;<*+3


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          54192.168.2.449801104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC534OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8miM4L8heUM175RMoQnOOtrHeUnMRYMs8kI%2BQdC5bNn1CZgsjKRBQAtVuVZq3slMAPXfq5Ox9%2BI6qYEDJiKWGfTrGNzkR5ZGMPVRGovyATAq70em%2Fl%2Fdq8z55ww%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2372b7c81e1-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          55192.168.2.449802104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC829OUTGET /wp-content/themes/meminz/fonts/open-sans/opensans-regular-webfont.woff2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: font
                                                                                                                                                                                                                          Referer: https://bitsum.com/wp-content/themes/meminz/css/plugins.css?ver=20240503
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC764INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: font/woff2
                                                                                                                                                                                                                          Content-Length: 18752
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                          ETag: "103a59-4940-50cdb39a46700"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2000
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09APG0L7y9x2Q0qhQhalYzmcDsBSKHyguNCe3juT7G142l%2FRkqwfjVcDW6yIJH%2F9Bvsof1mpwPXSubcgQv5K4OM8KcaK%2B4rzoCObqVwPoUfc%2FzOBJfxknVRDQQg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2376aa32d11-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC605INData Raw: 77 4f 46 32 00 01 00 00 00 00 49 40 00 13 00 00 00 00 b0 60 00 00 48 d3 00 01 19 9a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 1b 93 18 1c 81 28 06 60 00 83 5a 08 46 09 84 65 11 10 0a 82 a1 78 82 80 13 01 36 02 24 03 87 26 0b 83 56 00 04 20 05 88 4e 07 85 65 0c 82 76 3f 77 65 62 66 06 1b 52 9c 35 78 f3 32 e4 76 80 2e 21 3d d3 67 23 1a d8 38 40 40 62 ee 1f 89 08 36 0e 40 e3 27 19 b2 ff ff 6b 72 32 64 80 05 9b 5e 7d c1 41 99 02 37 8a 1a 93 9a 62 55 34 d5 6c aa b1 e8 58 34 2c ed e1 69 19 eb 65 f5 50 21 98 b4 a3 ce 3e 2a c3 b1 b4 a5 51 7a cb 15 65 b2 78 82 5b 78 36 1a 85 be fb 4c cc e9 c6 6e a4 ce 41 aa 6f 51 1c 93 4d 2f f2 fe 42 c5 f9 53 71 1c dc 15 2c 6c 58 4d 14 8c 16 65 61 55 32 ea dd 1e 09 7c ad ae 0b be 58 94 e1
                                                                                                                                                                                                                          Data Ascii: wOF2I@`H?FFTM (`ZFex6$&V Nev?webfR5x2v.!=g#8@@b6@'kr2d^}A7bU4lX4,ieP!>*Qzex[x6LnAoQM/BSq,lXMeaU2|X
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: f2 43 b3 a1 95 07 6a f9 d3 f2 28 fd 38 66 10 86 c5 21 11 12 ac da bb 5f 97 a5 57 d7 54 4a 73 ad 0b 93 89 33 a5 ca c8 cc ff ff 4d 35 bf bd 6f 86 20 1f 20 ad 2d ee 3a 26 3a 64 1d 17 0d 14 9d 42 e7 a2 75 51 f1 dd 37 33 e0 9b 37 00 08 bc 01 a8 99 01 a5 05 41 05 00 a4 24 60 40 ee 82 e4 fa 20 90 32 48 69 73 ea 64 39 ff 90 2a 81 a4 52 a0 f4 43 0c 45 e3 72 eb f2 b7 fd 3f fd b7 68 6d 19 2f 81 56 a9 e1 15 b7 66 92 68 c4 dd bd 41 2d 7a 48 1a 22 d3 ef ef fb ea aa b6 75 db 96 ac ba 2d c3 4a 56 82 ce bd 9e f3 66 de b9 73 ee ba a4 4d a2 9b d3 fa 03 68 46 6f 70 a8 f1 fb 61 6e 5f de 4c e5 5b 21 e9 b4 1e 16 82 a5 a2 70 b8 ac 2d 4b cd 42 6e 6e c7 6b c8 58 21 32 e8 b0 3c ba de 37 da fb bd b3 1e a9 d9 9a f6 d2 46 4a 8c 40 14 99 01 d2 fd ba 63 ef 5e cb 13 6f fb 37 55 88 28 71
                                                                                                                                                                                                                          Data Ascii: Cj(8f!_WTJs3M5o -:&:dBuQ737A$`@ 2Hisd9*RCEr?hm/VfhA-zH"u-JVfsMhFopan_L[!p-KBnnkX!2<7FJ@c^o7U(q
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: f3 f5 e7 2b cf 17 9f 73 9e 0f 3f 2f 7d 6e f1 6c f3 e1 3b d8 31 ad 53 f1 70 28 e0 40 e7 5c 80 ff 08 6f 6f fc 7f 0f 00 54 28 0c 8e 40 16 aa 9b b6 d3 7e 08 63 de de d9 dd db 3f 38 3c 3a 3e 39 3d 3b bf b8 bc ba be b9 bd bb 7f 78 7c 7a 7e 79 9d bd bd 7f 7c 9b a3 35 35 33 b7 b0 b4 b2 b6 b1 b5 3b 6d 8f 75 70 74 c2 39 e3 5d 08 ae 6e ee 1e 9e 5e de 3e be 44 92 9f 7f 40 60 50 f0 99 90 b3 a1 61 e1 11 64 a0 a2 b2 ba b6 95 d9 3b 38 c0 62 0f 0d 8f 8e 8f 4d 4c 4e 4f 71 66 e6 e6 b9 bc c5 85 d5 95 b5 75 80 16 1d 43 79 92 75 21 35 f1 55 46 42 8c 81 aa c7 01 3a e0 c2 2d 00 80 2b ef 04 46 9e 2f 8e da 04 00 ae ba eb 69 64 1d 75 6c be 75 83 a1 ef 7d b6 f1 0a bc fc 61 eb ae dd 90 fd e5 63 28 bb bf b4 be a6 b1 a9 b9 a1 9d 01 b4 3d d9 73 1e d8 79 ed 56 03 dc 2e c0 7f 54 a6 27 62
                                                                                                                                                                                                                          Data Ascii: +s?/}nl;1Sp(@\ooT(@~c?8<:>9=;x|z~y|553;mupt9]n^>D@`Pad;8bMLNOqfuCyu!5UFB:-+F/idulu}ac(=syV.T'b
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 04 b4 f1 33 3e 9a 30 e2 84 0f d3 6b c5 be 05 6a e8 94 90 63 43 8e 1c 08 44 5d 4c 96 a0 0d eb 8d 30 06 4c 48 28 e1 bb 9e 52 8e 6c d7 2b db 53 6e ed 83 98 ed 64 24 0c 37 4a b2 09 dd a3 df c2 60 1b e1 ff 1e d4 ce 94 0a 0c 69 d7 ed ae 6c 9e eb 7e b8 b8 a4 76 ad 59 a4 ed 25 86 04 eb f4 fe ad 8c 37 6e 0d e2 7f fa a6 7e ca dd b8 6f f6 a2 1a 6e 67 4a e1 37 bb 23 a8 9d 3c 18 9a 6c 69 67 50 3b 92 0f df bf 3b ec 5d 89 b3 6e 80 50 f0 3a 82 a8 0e a9 16 b5 f4 d5 04 a9 08 fb 75 23 63 de 87 a3 46 23 50 52 bc 29 59 95 82 79 56 e1 28 ed cb 5a 76 dc cd 77 6c bb 4b 20 62 36 2d e3 75 69 b4 52 d4 a1 35 b2 f0 c8 3f 88 1f cf 1c 26 3e 61 94 51 04 c6 91 3d 4e bb 26 26 f3 15 0f 2e f0 78 e2 51 cc 8e 99 dd 70 09 3d f1 c2 05 5d d9 b6 fc 9c 9a 5a a6 95 e4 de 12 df e1 74 2e 93 0f f7 4c
                                                                                                                                                                                                                          Data Ascii: 3>0kjcCD]L0LH(Rl+Snd$7J`il~vY%7n~ongJ7#<ligP;;]nP:u#cF#PR)YyV(ZvwlK b6-uiR5?&>aQ=N&&.xQp=]Zt.L
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 9f f2 ba b4 0f 12 91 6f a2 e3 13 4a 82 94 07 8b 3d a7 42 21 54 77 8f 0d a9 36 c8 6c fc 6d 52 b2 d0 a8 41 cd 54 6e 75 d5 95 ab db f8 e4 6c 79 06 de e9 80 07 ae 85 06 38 40 b8 28 80 68 4c d1 29 1d 80 b9 35 a8 66 da 9a a1 85 86 c4 61 d6 4f 7e 87 73 24 3d 24 3a d3 00 10 6d 1c dd 64 f6 63 39 04 88 8e a3 01 6b 6c 42 83 79 77 57 de 3c bb 65 1d dc 1b d2 1a 33 eb 5c 34 50 97 30 40 34 79 76 34 aa 1a b4 2f a8 65 04 e9 09 a1 90 6f 28 18 5a 9b f5 39 cf 43 57 bd bc b0 75 c6 d0 ec ac fa 0e e4 66 03 8d 71 be 31 84 ad 2e 47 3e 3c 02 09 79 b8 7b 6a a6 b6 66 0a b5 23 29 a6 40 62 15 58 94 b6 c6 3a 10 1f 2e ef e5 98 27 0b 8e 28 54 34 41 5b 48 06 38 be cf 00 2b 1e 74 bb ab 9d 7e 0c 23 3c 94 5e 28 33 29 3d 52 29 c8 46 d0 05 10 cb 23 65 ce 86 7e d0 70 62 5e 67 ea 77 50 aa b2 ac
                                                                                                                                                                                                                          Data Ascii: oJ=B!Tw6lmRATnuly8@(hL)5faO~s$=$:mdc9klBywW<e3\4P0@4yv4/eo(Z9CWufq1.G><y{jf#)@bX:.'(T4A[H8+t~#<^(3)=R)F#e~pb^gwP
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 9a de 1e 00 e3 f5 a8 41 26 57 4b 9a 46 6a 64 f8 3d 2c d5 b7 91 8f 3e 91 9a 8c 66 66 ab 5a aa 78 85 2b 6a 4d 32 dc 9e d4 8a dc e9 a4 4b 7f c5 e5 3d 7e 31 42 3a bd 70 f4 7a 9c e4 d2 3c e4 c9 fe 2a 85 95 56 46 59 fe d9 b9 65 de de 61 f9 cc 29 ac d2 6e b0 0e 5e f2 cf ce 26 25 54 15 50 df b7 dc 34 34 d2 51 57 52 52 91 ff 65 59 5b 9d 41 47 f9 61 18 23 4c ae 9c e9 92 9d 68 e9 b0 8e 30 2a 36 ef e1 2b 5e 40 20 f7 cd fb 3d 7f 87 f6 1d d2 82 80 ae 9d 9c 16 da 48 86 d9 a4 ba e9 c2 fc ba 4b c7 7c 56 ef f5 a0 d6 64 19 04 8f a5 80 53 c6 a2 40 0e 98 63 5f d0 97 2a 54 fa ee e2 c5 3d a3 62 33 a9 2a c5 c8 fa c5 5b dc b0 33 a7 da 9a bd c7 b8 bb e7 9e a3 a1 66 73 45 62 9b 59 69 67 d8 c3 53 a1 bc 6b f4 c9 01 85 ef 3c a4 a2 29 ef bf aa 4e 4c 0d 08 ae 21 95 9d 85 aa 95 61 22 48
                                                                                                                                                                                                                          Data Ascii: A&WKFjd=,>ffZx+jM2K=~1B:pz<*VFYea)n^&%TP44QWRReY[AGa#Lh0*6+^@ =HK|VdS@c_*T=b3*[3fsEbYigSk<)NL!a"H
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: ea a0 77 3d ca a2 de 74 13 5f d5 98 dc f9 72 e8 c6 c3 6c 5c 97 97 26 f7 94 5f 49 2d d1 1f 9b 72 a6 df 8e 69 59 e4 77 3a 31 06 f4 6d d7 a7 1b e7 fc 2e e2 bf d3 c5 a7 cb a3 42 29 44 3d 5f 54 46 e1 44 bc 88 ce 69 ef ba 9c c1 9c eb 23 bb 5e d8 10 bd 2b f7 b0 6c 42 b5 74 0b 9f b1 0f d7 3f ed ca e5 b5 20 c2 ec 87 6a ef 97 82 4e 48 56 9a c7 55 83 59 39 28 61 53 05 94 46 98 a2 74 a7 4c 23 dc 90 23 86 5c 89 2b 69 dc ad 34 8b 71 f1 34 a4 89 6a fb fa a3 09 b1 ef 84 9d 2b 25 3a 26 b7 90 9a 53 8a 61 37 8a 2e fd 16 68 35 19 e6 49 ad a1 07 95 07 57 4a bd 76 cd ad 1a af 98 ad 68 00 18 c2 ec e7 54 af 7b 62 61 c8 4d e2 cf e3 dc 59 c5 b4 e7 ce 8b cb 5d 55 1e ae 22 e5 89 b8 71 c2 45 db f3 ba 44 aa 7a 54 80 51 f1 9b 62 cc 4b 7c 68 b1 9e ed d7 fa 62 10 3d 24 c2 f8 fc e1 38 af
                                                                                                                                                                                                                          Data Ascii: w=t_rl\&_I-riYw:1m.B)D=_TFDi#^+lBt? jNHVUY9(aSFtL##\+i4q4j+%:&Sa7.h5IWJvhT{baMY]U"qEDzTQbK|hb=$8
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: d5 df 9d 02 a0 17 ef 86 22 cd 75 a5 0b 2a 63 0a e3 d9 c1 49 65 79 c5 d2 99 81 e6 65 25 95 e5 44 13 20 6a 83 42 5a 37 3c 24 70 b8 2e 2a 8b 56 15 a2 ef 8f f1 d4 73 c1 a0 8d fe 3a 89 42 65 a5 56 85 e9 fa 62 bc f4 08 18 55 63 dd c7 e0 97 a9 35 49 95 46 c1 b7 24 8c 34 04 aa 19 8f dd df 2a 6f c8 c6 d6 aa af 7d a0 c8 2c 5a 74 4c 6e c6 d9 c8 9c 8c d8 98 cc b4 38 b2 e5 aa 95 29 d6 d6 d2 d2 c1 d6 c4 44 ee 82 91 60 dd 21 de 5e 07 ee 50 91 a1 28 87 63 7e 3a 00 bf b8 a5 41 59 9f cf 08 71 98 e0 46 3f 76 77 00 6d c7 a3 5b d9 2c 00 df 6b a8 1a 5c 97 fb 00 17 02 63 20 45 d2 a2 81 a5 2b b5 25 93 05 32 80 c0 c2 bd f9 76 95 ed 2f 01 73 01 f3 82 bd 61 0c dd 70 1c 4d 08 a3 50 57 e4 cf 68 0e 10 50 a0 37 0a df 1c 2a 0d fc fc dc 2b 72 d2 af 62 74 75 cc fa e6 66 04 d8 97 ad 95 57
                                                                                                                                                                                                                          Data Ascii: "u*cIeye%D jBZ7<$p.*Vs:BeVbUc5IF$4*o},ZtLn8)D`!^P(c~:AYqF?vwm[,k\c E+%2v/sapMPWhP7*+rbtufW
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 62 94 0c 56 e1 66 f1 45 cc dc fe f6 58 37 d3 81 d1 8c 1d 3f 41 a3 4e 01 45 60 7f 8f 04 e5 84 3b 71 b9 71 4d b1 07 2b 5b fa fb fa dc 83 42 16 ac 0a 79 5b 2f fe 8a 3e 12 56 34 75 0e 70 d1 a4 35 27 e5 f9 33 46 fd e2 a4 9b 93 7a 6b 91 76 7d df a4 f3 e3 90 fb 78 91 20 3f 37 06 9e 67 e2 a2 b5 55 0e 49 36 fb 48 93 1e 3e 07 fa fe 2c c4 db bf 05 6d 1e fc ff 9b a6 ac f8 15 f0 f4 e5 27 61 98 86 17 05 d5 0f 7f b3 6d 21 72 fa 67 0b 79 12 c0 a8 95 8d 84 25 0c 6e 09 70 0c 07 b1 25 bc 5d ae ea 56 2a 68 72 c7 90 5a fd 35 d5 e0 db 1e aa c0 38 09 b5 b7 2c 3b c5 92 94 27 cb e8 fa fe 91 02 0c fa 0e 54 1a 84 aa 08 e1 61 88 32 f0 48 d9 47 b1 04 a9 57 99 e4 2e 2f 05 3d 78 16 8d 37 ee 68 27 8e 45 4a 87 73 ed 05 3d b5 c3 6c e8 6e bb 01 79 fa aa a8 25 9e 9c de ec cf 05 3d 9f b8 1e
                                                                                                                                                                                                                          Data Ascii: bVfEX7?ANE`;qqM+[By[/>V4up5'3Fzkv}x ?7gUI6H>,m'am!rgy%np%]V*hrZ58,;'Ta2HGW./=x7h'EJs=lny%=
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 0e 0a 89 a2 1c 7f a0 45 6f 19 95 8c 2b 3c dc 85 5d 3b 2e af b1 a3 79 90 9b f2 51 eb 6b 33 63 c1 6a 43 e5 2e 87 1e 58 dc ba db 3d 1d 42 93 bc 8f 25 d9 7c bd 21 64 25 a3 cc c4 c2 3a 82 bb 34 b5 4a 43 51 ae f4 a6 9f da bb 59 22 69 e7 74 32 0c ca 61 d0 d9 59 a0 08 a9 de 3d dc 81 0f 4e 48 b9 80 7b e2 a0 6e 27 96 85 56 1d f4 c6 72 34 6e 89 a8 31 04 77 98 13 1a 4e ab f4 68 a0 74 01 6d 81 92 75 55 17 5d c1 67 db 58 ab b1 3d 89 c9 b4 c6 3a 22 b9 52 7b 8c 75 f5 1e c5 bd f3 e1 12 de 9e 1a 78 60 a1 91 6a ed 59 8f 06 89 37 46 f6 83 9c e5 40 e6 58 f4 7a d4 28 d5 b1 24 ad 12 3b 4f 5d 8d d3 98 55 42 9d 0b 8e 50 9e 05 d0 32 0f 81 4b 83 b6 d2 3d 90 71 22 9b 4b 46 82 4c a2 fa 7c 50 77 37 90 98 10 20 7f b6 b4 a5 4d b2 9c 92 64 49 0d 0c 60 60 1c 37 04 96 03 1a cf 41 c6 42 87
                                                                                                                                                                                                                          Data Ascii: Eo+<];.yQk3cjC.X=B%|!d%:4JCQY"it2aY=NH{n'Vr4n1wNhtmuU]gX=:"R{ux`jY7F@Xz($;O]UBP2K=q"KFL|Pw7 MdI``7AB


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          56192.168.2.449804104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC877OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: font
                                                                                                                                                                                                                          Referer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC759INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: font/woff2
                                                                                                                                                                                                                          Content-Length: 75760
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: "ff8d7-127f0-615e2e3b4a63d"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcunWmim9M2JVbnnr%2FF0Trbevz3kXWrDQcPZJTHwqG0pOZb31Iot%2BLc0Gy18Nku0s6UwpsuesHZSM8MfQ4Qby1F4UoGeMl8Uabm614BcYVeLWvfd4wCl%2FW8xN50%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c237697c39b2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC610INData Raw: 77 4f 46 32 00 01 00 00 00 01 27 f0 00 0d 00 00 00 02 ef d4 00 01 27 96 01 4a 7f 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 1e 06 60 00 97 0a 11 08 0a 8a a0 18 88 89 17 01 36 02 24 03 9e 0c 0b 9e 10 00 04 20 05 8a 2b 07 dd 6a 5b 5d 54 92 42 e4 ee 6f 03 2a f4 dc d6 8a a1 4f 23 4b d2 13 6e 0c b7 c7 81 1c 4a 04 4b c4 db c7 13 d0 1d 70 47 15 de 12 b3 ff ff ff ff 7f d3 b1 10 f1 ee 2f b9 a4 f9 a4 69 bb 76 36 66 3a 00 60 04 41 12 4f 29 e5 01 05 b9 78 45 2b 28 63 cf 65 4a b3 3b c9 e3 bc e8 e0 2b ea 88 b4 9a 84 ed 48 ef d8 29 c6 c2 14 34 1c a7 73 c7 81 0e fc de c8 dd bd 98 07 22 23 22 23 22 23 22 5c 1c ee 5e 1e d9 96 82 46 b8 af f5 8a 27 b2 9b 4e 64 44 64 44 64 d2 ad b5 7a 36 4b f8 f6 bc b8 db 1c 69 36 22 32 32 39 07 de d8
                                                                                                                                                                                                                          Data Ascii: wOF2''J|?FFTM`6$ +j[]TBo*O#KnJKpG/iv6f:`AO)xE+(ceJ;+H)4s"#"#"#"\^F'NdDdDdz6Ki6"229
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 40 31 c0 02 a3 c0 3b 30 12 3d d0 be 93 3b 3d a3 51 ef 4e 4f 2f 8c 0b e3 92 fe 0f 10 00 c8 18 70 a1 af b2 2d 9b a8 33 a7 cb 38 07 50 ba 02 a1 d5 f2 33 aa 02 04 34 dd f3 5b db eb dd 6d 7f db 7f 06 4b 10 ca 23 94 c4 38 12 c2 c0 5c 2d d6 cf f8 dc ce 27 ae d0 18 99 ca 12 1c 0e 63 2c 46 f5 be bb cd ef 6d d9 bf 8b 96 e1 52 14 a2 10 92 2c b0 c0 36 c6 9e db 3d bf df af e7 4c c3 b0 cb 2a ab 55 d6 d9 e6 e4 e7 73 6a fc 4b ed 4e 37 79 68 68 9a 96 03 86 96 07 da 9a 8a 10 b8 90 36 1b ea 8c 1f f7 c1 62 63 6d ad ed 39 f7 58 56 60 c0 32 06 06 92 26 6d 9a 64 18 6c eb 11 fe bf 7d 2d ed a5 e9 8f 52 b7 bd 80 e0 64 81 d0 c9 03 3b 7d f1 a4 e3 f4 69 cb 95 f2 e1 32 ba 4a d7 06 03 05 3c a6 05 e6 6f f8 08 75 ff 4d 6f 0f 3f 7f 64 2d b6 d1 22 a5 92 49 85 6c 7e 2a f2 ef 98 81 a1 83 f6
                                                                                                                                                                                                                          Data Ascii: @1;0=;=QNO/p-38P34[mK#8\-'c,FmR,6=L*UsjKN7yhh6bcm9XV`2&mdl}-Rd;}i2J<ouMo?d-"Il~*
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 43 a1 8f a2 2c f5 c3 6c 27 5c a5 89 f4 c9 38 56 c0 6c d4 c7 83 83 10 80 fa 82 91 6b ee f8 82 57 3e 26 57 91 30 f0 bc 31 b8 80 e1 27 cc a2 0c 1c d8 b8 c1 d9 5d 42 ea bb ce 87 24 a7 b6 2e bd f3 d1 0f 19 85 09 2f 1d b5 5c a8 ad 67 ea 1c 79 97 50 d4 e1 93 4d de f8 9f 67 a6 d8 17 d2 99 fe 85 94 e9 c4 d3 87 4c 16 28 7c 7b ab 13 04 1a 47 31 6d ce c4 3d 55 e7 8b dd ac ce c7 f9 cf 71 4f 74 8a 33 9e e5 1c ce f5 fc 38 dc 11 27 f1 7e fc 4b e7 c4 67 92 48 b5 38 37 64 c3 9d d9 79 51 93 76 3d fd 92 88 70 ef c6 86 f6 8e b6 fb 9f de 66 ef 3a f7 cc 5f 69 b1 55 4b 47 60 88 56 24 37 36 2a af 6e 6e a7 ab 13 8d 8a cd 34 4a d9 eb 4a 72 a9 f6 ce 79 e7 20 dd 46 c6 3e 26 b2 84 4c eb fb 79 3d ae 97 d3 f1 f0 f6 f5 cb e3 dd 6d 7b 75 79 71 be b5 b9 ba b2 bc 90 1e 1f ee b7 c3 7e b7 dd
                                                                                                                                                                                                                          Data Ascii: C,l'\8VlkW>&W01']B$./\gyPMgL(|{G1m=UqOt38'~KgH87dyQv=pf:_iUKG`V$76*nn4JJry F>&Ly=m{uyq~
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: a7 66 ff fa 17 5f 7e 78 3e 64 5f cf 14 48 99 cc 70 ef ce fc a2 bd 80 5e f1 02 a0 a8 2c fc 99 74 ce 14 c1 a5 e0 0a 9d f0 04 77 68 88 e5 23 91 1c 38 fb e7 fb 4c 7c 08 da 8e 79 42 0f 34 3d 48 c9 c4 2b 01 b0 75 a8 73 f6 61 9b a8 5e 01 80 75 77 b1 7b a4 b2 ba 45 86 6b 21 4a 13 98 98 29 73 cc cc 2a 43 66 66 9a 0d 79 c6 5e 2d 8d 68 9d 65 a6 6d c1 c6 36 48 d8 01 c9 38 dd 98 ef 0e 63 0f 6f 64 13 8e ec f8 7e 32 30 a8 41 ce 91 42 84 4b b4 9e 1a f9 6a ae 91 11 08 37 cf cc c1 36 63 15 a1 6f 17 c2 59 2e ae 67 10 e3 b3 2a 13 ff 00 81 84 d0 75 f7 e3 7d fd 8a 3b a5 e2 b7 4a df 21 ea 38 a0 c1 0b 6e f1 23 0c 38 b7 b8 dc 0e 38 e1 12 fb 44 93 e4 fb 43 46 d8 f8 31 18 83 e0 1f 29 00 5a b5 04 ff ad 4b 2e 4f b7 26 13 e3 2f e2 c5 e9 98 04 9f 88 4b fa f8 7c b5 7d 3c 2b a5 ce ed 19
                                                                                                                                                                                                                          Data Ascii: f_~x>d_Hp^,twh#8L|yB4=H+usa^uw{Ek!J)s*Cffy^-hem6H8cod~20ABKj76coY.g*u};J!8n#88DCF1)ZK.O&/K|}<+
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: df 1f ae 31 4b 27 6a 92 51 06 29 ad 33 28 34 8a 42 9f 0f 6f 2b dd 99 de d5 5a a7 d5 88 68 95 a6 4a 58 2e 2a a1 0e dd 1c 5b cb ed c1 0d cb 01 6f fc 33 80 1b 73 cc f6 32 61 cb 1b 86 6f 09 18 54 5b 0d ca ea f2 34 8d 68 28 ab 62 74 51 7c 56 8a 6c 0c f8 92 95 70 20 f2 88 a4 82 10 89 8f a6 00 40 3e 7c a7 c4 88 f2 8c 05 28 74 47 2b 54 40 65 b7 46 1d e1 fb 51 16 15 4f f6 11 a4 76 a7 ea 6f 0c 17 27 de 2f 1c e0 02 01 e8 2e dc 14 d0 3b e9 a9 c0 f9 ea 85 36 c5 a5 33 cc 02 04 21 c5 12 52 c6 d0 6c d0 cc d6 ea 44 4d 4a 14 f4 1e a8 0f c1 47 6a cc 74 d0 e2 ea 46 f6 4a 5b cc a2 01 31 b0 b8 d4 18 bf 25 3a 09 9c 06 c4 79 4c f5 ae 76 81 55 c6 af 6e c7 79 9e f9 b4 ec 24 c5 dd b8 10 4f ee 26 55 cf 4e 0b e1 5f 06 2e 5c 7f 5a f2 ca 20 ab a4 5e 29 a8 ff 71 2d fb cc 83 15 08 3e 49
                                                                                                                                                                                                                          Data Ascii: 1K'jQ)3(4Bo+ZhJX.*[o3s2aoT[4h(btQ|Vlp @>|(tG+T@eFQOvo'/.;63!RlDMJGjtFJ[1%:yLvUny$O&UN_.\Z ^)q->I
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: a3 28 5b 96 2b 49 c9 d3 b5 1e 38 f7 a1 8b c5 77 2a 1c df d1 b8 46 22 62 04 e5 01 c8 ff 8c 61 e2 36 75 60 b9 a9 75 5d bb 05 0d 48 d3 62 8a 49 c1 c8 5f 46 06 7b d8 b2 55 de 2b 92 85 74 1f 57 25 22 15 f1 6c 12 cb 52 5f ea 00 13 1c ca de 80 50 02 af 06 79 99 e9 75 7a 2d 7b 5d a2 21 26 61 da 20 56 3c 0f ec 22 0a 29 7c a0 05 08 27 57 e9 f8 a2 7f af b0 bf 81 65 02 05 d8 53 d1 bf 92 56 b5 a9 c7 41 19 e0 00 a0 92 08 cd 45 66 14 ee fa b7 ad 40 bd fe 1d 27 e1 72 f2 5b e0 7c e3 79 28 cd bf f0 2c 59 ac e3 d5 27 2d ac 74 db fc d3 04 d9 b7 64 f8 d6 c0 0c 3b a0 fe 1f d6 2e 7d eb f3 df 01 56 bc fd 49 a5 57 45 d1 d5 8e 06 07 fb c3 be 6e d6 ba 57 84 3e 77 b4 d9 a9 94 94 85 a6 a5 25 aa 60 dc ef e8 71 98 77 8f ab 3a 7a 5c 9f 42 1b c0 d1 a5 7b 45 e0 ee 20 b6 fd ba 78 ae f2 a9
                                                                                                                                                                                                                          Data Ascii: ([+I8w*F"ba6u`u]HbI_F{U+tW%"lR_Pyuz-{]!&a V<")|'WeSVAEf@'r[|y(,Y'-td;.}VIWEnW>w%`qw:z\B{E x
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 7f d7 a1 12 1d e0 b9 1a 4d e9 e5 6c 75 59 58 3a c0 12 2e 18 ab 34 36 e5 91 0a 3f df fa cd 74 6d 93 6d ec 21 0c 44 d4 e0 3b 7e 2e 33 e5 49 4f 15 cb 6e 1e 99 29 e1 5c 55 74 e4 80 67 aa 66 60 d2 ce 99 26 b0 49 e6 c6 75 0c 1a 1e 83 9b d3 a5 9b bc eb 4f a0 83 9a e9 fd 65 99 53 fa d2 47 df 21 99 79 32 2c 1a 5b 93 47 dc 87 07 18 4c a0 2d a2 04 59 dd 52 b8 1b 7d 92 72 46 43 18 16 6c 90 8e 10 6b 06 a9 42 65 c2 43 31 55 d1 0d 53 98 c5 37 7e ce 4d cf 21 95 aa e8 44 cc 89 95 ba 85 26 96 6b 82 66 36 6d a4 ac 82 b6 27 bf 84 f9 4f 98 f5 4a 52 76 91 61 9e 45 f3 00 2f ec b7 16 cc 29 36 a7 32 c5 76 89 f8 e7 92 bd 18 cd b3 ad 89 af 6c 75 3e f2 ea 51 92 d7 ad 91 59 51 0b 49 bc 95 24 50 02 17 22 8f fc 7d af 0b 83 3a 0d 69 25 e6 e3 01 c6 c7 c9 56 e3 29 7a a4 cf 80 e7 43 a9 9b
                                                                                                                                                                                                                          Data Ascii: MluYX:.46?tmm!D;~.3IOn)\Utgf`&IuOeSG!y2,[GL-YR}rFClkBeC1US7~M!D&kf6m'OJRvaE/)62vlu>QYQI$P"}:i%V)zC
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 8b 63 b9 6e 12 80 dc a5 c2 a6 c6 87 1c 36 34 fb 36 8d 5a 5b 79 f6 b5 b0 6d 4a 0f 9d cd 26 cf 0d e0 3c 7c ee d5 d0 31 9e a4 9d eb 51 1f 92 81 2e 18 c0 d4 e9 05 94 2d 14 93 7b 06 ce 09 7f 81 c0 f4 98 b3 c6 17 9b b7 3d ca d7 ab 4a 6b 62 a1 bc c9 43 24 3a 65 73 96 c1 73 5b c6 b8 6c c1 d4 a7 ff 43 c2 e9 a7 9a 13 4d 32 fa 0f 79 8d 71 e3 0b fa 75 8f ed 02 b1 3d bb 3f 2c d7 0a 2a 99 ae eb c0 2b eb ec f6 be 39 06 fb 54 2b 9d 13 fb 1e ff 4c 8d 43 b3 2b 76 15 24 98 71 80 63 12 52 83 ee 1c 37 b0 8e 23 3a 89 59 ab 7f bf a0 81 a3 fe 5e 67 0b da fd 31 b3 65 fd 1d 5e 79 28 b5 e1 1d 35 af fa ca e8 5f ca 35 fc b8 d6 a8 7f 52 27 70 e8 c6 6e 93 e1 63 39 6a 8a f9 ea 11 e3 bc 6e be 39 7f d1 9e 39 66 36 3f 36 ce 1d 31 8f fd d0 b8 5c 30 ce 1f 35 6a 3f 32 5f 3b 6e 9c 3f 65 ae 1e
                                                                                                                                                                                                                          Data Ascii: cn646Z[ymJ&<|1Q.-{=JkbC$:ess[lCM2yqu=?,*+9T+LC+v$qcR7#:Y^g1e^y(5_5R'pnc9jn99f6?61\05j?2_;n?e
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: b8 ff f3 de 40 3e 31 02 a7 73 ad b7 8b af 2e 70 bd be 9e f9 18 b0 e3 01 25 1d b8 d9 65 6e 0a 2f a7 5c 5d 80 ad 21 86 84 ea eb 88 a5 4e a7 a1 a0 73 44 a8 95 d0 a3 60 b9 d7 5b a7 98 49 36 07 86 c5 f2 9d b9 18 a1 82 13 f4 5f a8 71 b1 6c c7 8a 8e 85 0a 44 d5 15 9f 01 10 bd 4f 00 74 48 e0 ed 16 cd 03 65 71 f7 e0 3c 4a d8 8c 10 f1 b4 ae fa 03 43 65 1c b7 d5 ec 74 89 0c e2 fa 66 02 52 a3 68 f8 16 1f db ec 40 4d 53 9e 1d 01 6b 60 8a f1 72 17 11 30 01 c6 3b 1b 26 c2 46 d9 de 76 f3 0e 81 b4 61 16 7c ad 01 a9 b4 44 b0 7d 42 a0 03 67 ef a1 06 b7 7b cf d6 fb b0 d5 10 7a f5 8c d3 8f d2 c5 12 86 79 7f 2f 5d 68 f8 70 f0 64 28 a7 33 13 1a 97 22 59 3d bb 64 df a5 61 49 96 b8 fb 2b d7 82 14 94 e7 a1 6b 5f 7e 63 98 20 c6 fb ab 6f 45 e2 d6 0b eb fe 87 ef 58 43 bf b9 92 60 f5
                                                                                                                                                                                                                          Data Ascii: @>1s.p%en/\]!NsD`[I6_qlDOtHeq<JCetfRh@MSk`r0;&Fva|D}Bg{zy/]hpd(3"Y=daI+k_~c oEXC`
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 34 f3 76 48 19 e4 e5 e7 5a bc ba b1 b1 a2 bb d7 d7 e2 d6 f1 44 42 36 29 2f 32 bf 70 91 5e 8f 0c ad 6c a6 75 a4 78 81 9f a6 21 bf ca 75 79 44 9a c3 b3 ce 04 2a 2d 23 cc 62 9e fe f7 1a 23 81 d7 0a ac d9 b0 90 90 67 89 a0 8d 9b 4e 06 b0 84 ba df 32 60 de c1 15 a0 df 6b ff a2 3e f9 03 7f 53 2b 47 d1 22 8a db 51 77 32 9d e5 fa 86 4e 8a 35 d0 4c a4 53 fa 9c fb a5 77 1f 9d 91 8c 70 f0 7e 6f 51 c4 ba 77 43 25 8e 4b fa be 74 86 b0 c5 96 c8 fa 9e 3e e9 1d 99 3a 17 06 78 4b c6 52 6d f0 ba 00 3c e9 f8 f9 0c 1a 53 2b a1 27 4e e7 22 ae 9f ef 4d 61 2d 15 05 6a f7 4f 21 e7 9f 39 22 ea f6 5c 5e da 22 cf da 61 5a 72 40 d8 1b 24 ab dd c0 e2 db 0a ea 2c 3d 2c 8c 0d 08 70 26 eb 48 77 24 20 96 03 2d b3 d7 ac 13 7a f8 8a f3 a6 bc fc ec 7b e2 07 9a 66 0b 49 ae d7 d3 d2 84 2d 5b
                                                                                                                                                                                                                          Data Ascii: 4vHZDB6)/2p^lux!uyD*-#b#gN2`k>S+G"Qw2N5LSwp~oQwC%Kt>:xKRm<S+'N"Ma-jO!9"\^"aZr@$,=,p&Hw$ -z{fI-[


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          57192.168.2.449805104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC878OUTGET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: font
                                                                                                                                                                                                                          Referer: https://bitsum.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=7.6
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC757INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: font/woff2
                                                                                                                                                                                                                          Content-Length: 75368
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: "ff8d5-12668-615e2e3b4a63d"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIrKP8FsRXBpNwLFNBasneQ%2FDbB02IiXqQfLz8EatNfjZG3uLAcePgAiWNUDUZgRTA78HyXSdfDj9uCe%2BP9dmbKfjyCV2KunMnq9rmR8QY8rANGIwXT6rIKi31Y%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2377f293956-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC612INData Raw: 77 4f 46 32 00 01 00 00 00 01 26 68 00 0d 00 00 00 01 fe 28 00 01 26 0c 01 4a 7f 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 1e 06 60 00 8b 32 11 08 0a 87 a4 6c 85 da 76 01 36 02 24 03 8d 50 0b 86 6a 00 04 20 05 8b 05 07 a8 47 5b df 94 71 27 d6 40 76 ca 1e 16 56 ea c6 80 32 32 fd 9d db 2e 34 cd 64 ba b9 53 6e 87 db f3 a2 e6 8e 82 e3 3a 6c 1c c0 66 96 a6 b2 ff ff ff ff fc a4 11 63 db 26 6c ff 1c 02 aa 61 94 55 55 d2 b0 08 59 05 e6 34 c3 09 ec 20 6c f4 29 0d 13 d2 50 33 9b ce b2 49 8f 61 a9 c2 5a 93 9c 31 63 93 7d de ce 68 dc 75 17 17 b2 30 59 98 8c 05 fd a4 e2 62 9f 62 36 6c b3 0d 9b 6c b2 95 61 d8 be e6 66 51 a7 b9 8a ef e3 9d 5f 0a 9d f7 d1 05 8b ba 0c b7 8c a7 49 c3 ea 01 ab 57 18 37 65 6d dd 73 88 fe f6 ee b0 11
                                                                                                                                                                                                                          Data Ascii: wOF2&h(&J|?FFTM`2lv6$Pj G[q'@vV22.4dSn:lfc&laUUY4 l)P3IaZ1c}hu0Ybb6llafQ_IW7ems
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 5d 34 d8 39 37 c5 3a 60 28 2b 54 fb 34 ca 8a c0 b7 e8 03 ca 81 de b1 67 f0 c5 6c 31 a5 b0 3b b6 bd 61 d1 be f6 5a ea d5 b2 37 2b 23 e9 eb 72 00 c8 3c 26 85 0b e8 72 71 03 f2 9b 76 d3 99 79 0a 97 2d 69 77 9d 23 4a c5 ef 32 32 40 1e 98 67 68 f5 a1 0c f4 65 25 21 c1 b8 ba 21 fd c4 3c 44 b9 f7 b7 77 49 5e 29 dd e1 4a 97 30 fe 6b b4 c0 48 bc 40 62 f3 7f b5 d4 ff ee 78 d7 6d ef 1a 6c 19 58 32 87 c0 f4 00 03 d8 10 f8 ec f7 4f 36 db aa bf ac da 5e 68 18 69 0c 0d 03 82 28 1e 10 5a 01 cb 98 f0 c0 87 25 86 c3 e0 bc 90 47 1c 44 34 dc cf f6 76 26 4d 43 17 ff e2 49 77 fa fa 14 dd 20 b6 0c 4c 18 16 b2 81 ff fe e7 de 3f bd f2 a6 92 41 e8 ae 5a 40 f9 d0 b8 0a bb c7 26 76 26 50 fc 00 68 7c 01 0b b8 ed 2a cf b2 d8 23 0b 18 7f c9 9f d6 4b f6 47 c9 e9 4c 4b 1c 58 60 4c 46
                                                                                                                                                                                                                          Data Ascii: i]497:`(+T4gl1;aZ7+#r<&rqvy-iw#J22@ghe%!!<DwI^)J0kH@bxmlX2O6^hi(Z%GD4v&MCIw L?AZ@&v&Ph|*#KGLKX`LF
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 23 19 c1 74 cc 21 53 63 aa 0d dc 59 fc 01 09 3a a8 4d de 9f 63 d3 6d bd 8f 1a 7c 89 ca 48 b0 3b 9e f8 e0 9f 7f 52 19 ff 6f d1 17 85 0f 00 00 f0 36 00 63 16 c0 f5 6f d2 30 fc fa 7c f8 ea 6a 7f a6 07 18 bd 63 6b 80 57 cf 0b 19 01 f4 da a2 12 97 41 50 64 11 0d b1 e4 b0 78 a2 7b 22 43 9f 19 6e 82 0c 52 d9 f5 c8 01 64 ef 83 84 e0 3d 74 09 a0 c7 53 8a b4 66 e8 85 50 a0 3a 2c 09 9e 6f 64 2a 29 22 85 00 a0 69 e7 e2 1d 36 07 35 cb 90 69 19 14 48 16 4e 20 21 62 a1 0d b2 2b 22 e6 de 0d 89 85 58 2c a0 7a 60 64 55 24 b3 c2 f3 19 8b e3 32 5a 00 89 74 0a 43 21 e4 8b d5 5a 1c 96 a3 0e c8 ec 85 44 c6 4a 2d 51 18 f8 84 0c 01 43 18 ad 60 e0 48 99 b3 31 e4 5b e2 76 06 7a 9a 3e 74 62 a3 a8 68 32 5c 21 7b 7f 26 81 20 03 82 1d 09 26 01 e2 ce 67 22 0b 3a 92 86 cc 2a b4 37 6c e4
                                                                                                                                                                                                                          Data Ascii: #t!ScY:Mcm|H;Ro6co0|jckWAPdx{"CnRd=tSfP:,od*)"i65iHN !b+"X,z`dU$2ZtC!ZDJ-QC`H1[vz>tbh2\!{& &g":*7l
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 01 e0 b0 64 a7 88 35 bb 52 03 b0 5b 74 cf 1d f4 25 08 66 88 7a 45 d1 e0 e9 c8 a5 c4 4b d3 2e 9e b4 57 4e 0a 05 a7 ad 53 a8 4e 65 a4 b9 0b 01 41 aa d6 6a 0b 15 38 60 d0 b6 db 88 b8 78 e1 ff ff fc b0 ca df bd f1 d2 0b fe 7f 86 9f 7a ee 69 4f a8 39 4e 4a bd 27 82 04 2c e9 1b a9 1c 54 82 a2 c5 ce 62 ee 92 47 b5 5c 51 7d fb 44 61 1f 6d b0 76 bc de d5 39 08 d8 e2 6e 61 75 b8 2c b6 06 43 ac f3 33 c6 91 b5 37 4a 83 d6 a7 3b 3e e1 64 f3 d0 a1 fd e8 8a 37 44 6e 72 4f 8b 7a f6 5c 3b fe f0 8a fd f3 2e 3b 77 ba 3e fb d6 15 9a 61 5d 9e d8 b0 6c 2e 85 7a 10 2b ef b5 1b c6 62 49 91 72 03 e3 0d 00 69 d7 bb 42 d7 66 45 7a bb 3d da de 2a 5a 3b 19 0c d2 fc 19 a9 1a 8b 6a 28 45 34 19 36 58 89 72 c4 d8 60 42 ba 68 50 3c d0 10 ad 93 10 52 1b e1 8a 73 01 70 3f 00 39 00 5a 86 c5
                                                                                                                                                                                                                          Data Ascii: d5R[t%fzEK.WNSNeAj8`xziO9NJ',TbG\Q}Damv9nau,C37J;>d7DnrOz\;.;w>a]l.z+bIriBfEz=*Z;j(E46Xr`BhP<Rsp?9Z
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 52 c4 35 df 31 6a 31 19 4d 66 19 5c 59 85 af 39 a1 3f b1 7c 43 11 8d 5c 52 dc 3d fc 7b f1 59 21 12 72 a1 f5 9d f2 55 6a 63 b7 b5 7c a5 39 a1 9d 46 8e 96 4e 15 12 35 46 7b d3 aa 06 1c d6 ed 6b aa 9e 82 81 a6 05 ba 1f 2f 6e a4 c0 84 66 85 7c b7 28 47 0c 1e a3 12 6a a1 b3 51 94 a9 5d 33 b9 92 67 46 d0 08 f0 e9 2f cb 37 3f ea 8e ca 7a b9 37 3b 33 ea 15 3b db 04 35 47 db c3 4b 43 48 81 99 c5 af c0 e9 99 b4 29 35 54 04 69 9e a3 f0 7b 6a 96 38 60 6a 48 95 00 87 5c ff 56 8e 22 4a 32 a5 8b 09 c7 0e 44 fc 88 44 7d c9 df 9b 97 02 8b 80 c0 9b 4d 53 92 d0 01 11 46 e5 53 b8 f3 d4 ce e1 82 83 74 27 4a 62 37 c6 f3 dc 42 59 51 7c d0 22 34 3f b2 7c 00 92 97 8e 45 01 8f c6 a0 0a 42 30 c9 74 8e e7 64 31 93 70 55 6c 99 45 02 a8 cc 48 46 75 ec 8e 26 57 39 05 37 24 33 ee 7a a2
                                                                                                                                                                                                                          Data Ascii: R51j1Mf\Y9?|C\R={Y!rUjc|9FN5F{k/nf|(GjQ]3gF/7?z7;3;5GKCH)5Ti{j8`jH\V"J2DD}MSFSt'Jb7BYQ|"4?|EB0td1pUlEHFu&W97$3z
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 09 6d db 5b db b8 75 11 aa b5 88 d8 05 ac 0c 6f 9f bb 2a 7c 0e 37 a6 56 5c e7 51 2f 12 01 70 0d 8e 10 68 f4 8c 70 e8 12 b2 38 62 71 df 74 a7 11 bb 65 dd b1 12 62 3f 8b d8 9d 08 e4 c8 f1 c0 d7 2b ed e8 ac a5 3b 23 c3 6b 23 19 3f 5e 23 b3 38 6e 4d 86 7b 12 b5 e5 dc 68 d4 12 4d 4d 98 fc 38 47 ab 5e 59 38 d8 30 da eb c4 6b 6f 21 de 54 5f 01 f5 97 8c 28 25 26 7d 80 d2 5b e3 d9 8e 1e bf 50 ba 74 3e a8 72 d3 ea 6e 72 3f bb 1b 3f f8 15 5b 7a fc 9d 36 b7 7d bc 7c fc d3 72 4a a0 ea 26 29 a9 15 91 1e 85 7e d1 fc 87 e2 51 bf 01 95 1a 99 ab b8 80 d6 00 36 21 30 a9 66 f9 94 a2 97 98 44 1c db 3c de 43 99 5f 7d d8 f9 e2 5d f6 54 16 f1 66 50 c1 80 ca 76 40 2c a8 55 04 b9 e6 71 ec 89 71 88 70 ac 1e eb a8 06 91 53 2b eb c4 38 a0 87 87 44 08 07 46 2b 11 3d be 4f 64 3c dd 91
                                                                                                                                                                                                                          Data Ascii: m[uo*|7V\Q/php8bqteb?+;#k#?^#8nM{hMM8G^Y80ko!T_(%&}[Pt>rnr??[z6}|rJ&)~Q6!0fD<C_}]TfPv@,UqqpS+8DF+=Od<
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: ce 30 c3 16 00 5b 5c 22 a3 79 74 12 00 9e 55 66 08 60 05 7b 47 a7 59 65 f2 7b b9 a6 33 5b fc 52 87 38 a3 67 0a 21 92 d6 1e 7c a4 53 2a 34 9f a6 f4 24 12 de 51 ca a7 d8 fd 6f aa dd 78 99 ad 93 31 35 db ef 90 b9 98 e2 31 a0 43 41 62 ad da 3a e0 b2 25 9d 84 70 ab 5e 13 a5 1d e9 c5 32 80 b3 e9 00 1d fc 5e 90 7d 51 df 46 1f e1 05 2c ba 29 08 02 65 2f ce eb da c1 2a 16 35 22 45 e2 65 4d 6d 24 34 9a 2c 4e eb 13 95 6b 95 b2 46 3c 0b 82 e3 97 d6 11 ed 14 c0 2a 72 c7 ec 8b 20 f3 f8 da eb 9d 24 4b b8 1f fd 11 a0 2a 22 c8 63 49 e4 dc a3 d8 e6 b5 d3 91 8e 84 20 86 f2 e2 e3 9c db 92 da 10 52 8d aa 61 8c b8 35 32 fc 47 01 d5 0f 24 58 04 19 bb 53 43 98 4f c4 ec 80 c1 87 cb 29 c9 50 dd 05 a6 55 31 8b e6 65 a6 2b 95 9e 84 12 96 df 78 57 0a 2a ac 90 0d cc 81 aa 00 ce 39 79
                                                                                                                                                                                                                          Data Ascii: 0[\"ytUf`{GYe{3[R8g!|S*4$Qox151CAb:%p^2^}QF,)e/*5"EeMm$4,NkF<*r $K*"cI Ra52G$XSCO)PU1e+xW*9y
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: db c3 18 65 36 52 cf a1 a9 1c 9e 2f 26 63 46 48 80 68 69 02 07 45 49 fd 1f 76 d2 d5 2d f0 a5 49 15 c2 2e 0c 1b 97 59 9e 67 52 56 81 ab b5 87 ea 5d 8e 5c b8 a8 d0 6c 58 f3 7c fe 2f f2 e3 a3 77 85 30 fb 79 34 17 2a c4 8a 21 bc d2 cc 03 71 60 35 8b de c0 7a 56 76 b2 fb 80 dd 88 d0 2c 9b 62 71 5e f8 2d 85 72 0d 3b 6d 17 8c 38 60 15 56 3a cf 12 ae 8d 11 e0 d6 5a 8a cb 48 c6 74 98 0e 10 27 b5 d4 37 0d 60 c4 c0 28 18 94 0b ef 9b 49 81 8c ad 6c 86 b5 5e 72 f5 ac 16 e9 34 27 dd 19 a7 d9 a7 85 8d eb 40 40 ba 86 cc 64 9a da 40 e2 c2 6f 74 55 b8 bf c6 c0 11 cf f3 56 03 32 10 2c c8 d9 7f 9a 78 4c f3 17 11 e8 b6 44 cf c4 d6 cd ce 20 97 3f 7d bc 95 6b 54 51 14 b4 01 5b 13 75 af 8b eb 03 fe 0d 1b 8a ee 48 a2 06 e0 a0 a9 29 5a 68 b3 0d c0 4d 8d cf 61 0f 45 14 cb a4 ff 1b
                                                                                                                                                                                                                          Data Ascii: e6R/&cFHhiEIv-I.YgRV]\lX|/w0y4*!q`5zVv,bq^-r;m8`V:ZHt'7`(Il^r4'@@d@otUV2,xLD ?}kTQ[uH)ZhMaE
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 78 13 0a b8 19 e8 10 d9 58 0d 03 30 5b 54 37 e5 1a 17 e7 55 18 ca a1 0c 22 a5 21 5a 29 f1 99 68 f9 e9 1e 56 0a 9c d2 79 35 5f e3 69 fc 91 c7 39 0d 1b 14 f0 79 d8 87 b1 19 ad e5 af 05 1f 01 57 75 56 c4 8c e8 51 0f 01 da 8e 26 d8 b0 d8 37 7b 13 26 12 5e 82 d2 13 af a5 b6 8d 66 5c 1d ef a8 e0 23 be 38 64 37 ee ad 6a b6 62 31 e8 c2 d1 97 af ce 74 3f 2f 74 20 94 97 63 72 97 24 bb 37 72 d3 b1 a4 7c f0 9e b9 86 29 d3 0c ee eb c0 6d 1b bb cf b1 4f c2 1b 6a a8 1b 21 14 63 33 3d ef 09 0c 9e bb fb 1c 65 59 10 5c 8c 86 c6 2a 31 0b 12 9f 57 0b db 9a c4 d8 98 5d 36 f7 85 36 f9 54 6f a4 fc 7f 0f f7 04 66 81 51 fa e0 c0 6c 2e b4 c7 6e 0a bb 2f 1e 6a ef 7d 10 77 1d 75 ba 6e 05 16 8a b9 7b a5 69 fa 1a 47 4f 3b 8f ac 18 76 0b ef b3 15 2e 3d 8f fb a0 d7 14 96 23 30 ce 54 00
                                                                                                                                                                                                                          Data Ascii: xX0[T7U"!Z)hVy5_i9yWuVQ&7{&^f\#8d7jb1t?/t cr$7r|)mOj!c3=eY\*1W]66TofQl.n/j}wun{iGO;v.=#0T
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 9e 93 53 c1 3d 05 58 2e 23 80 94 ba 58 44 e7 8e 2d a7 10 75 26 18 2d 2a 97 db f3 58 10 39 e2 3a bb 04 98 5d 20 40 dc 06 5d 8c 10 00 79 5d a1 9c 0c 8c 4c 39 17 dc 8a 6d 05 c5 23 53 9a d2 bd f1 26 20 3e 17 bd 10 95 cc d6 b2 92 aa fe ce a6 d6 75 0d 80 b8 06 a0 97 d5 41 f7 4b 61 20 04 fd d5 cb 29 92 60 5f c4 cf 7f da ca af 90 62 da d1 50 e2 08 e6 29 ee 6b 3a 2b 64 c0 2a 19 d2 fe 05 1e cd 77 bb 27 e1 ec 80 b5 98 ac fe 32 09 b9 e1 70 22 53 ee 99 db 9c b5 7b ac 4d f2 8c 75 e2 a1 e9 e4 f3 7b 03 3a 2b 5e 49 b5 70 44 7d ce 2a c4 14 61 6d 06 01 a3 10 25 cc b7 db ec 56 9f 45 a7 f9 aa 56 50 5d 2f 35 a9 f3 52 79 fd 23 2e 0d 30 cf da 43 c2 8d 58 42 31 d7 65 15 44 ec ab 68 99 36 6f 1e 5d 3a b9 3e 73 d3 9e 10 b3 99 b8 3d c0 63 06 c5 cf f7 6c fe 27 0f 08 70 2f 00 9b 93 a3
                                                                                                                                                                                                                          Data Ascii: S=X.#XD-u&-*X9:] @]y]L9m#S& >uAKa )`_bP)k:+d*w'2p"S{Mu{:+^IpD}*am%VEVP]/5Ry#.0CXB1eDh6o]:>s=cl'p/


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          58192.168.2.449803104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:22 UTC835OUTGET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/wp-content/themes/meminz/style.css?ver=202306092
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC967INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: image/webp
                                                                                                                                                                                                                          Content-Length: 112
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: origFmt=png, origSize=216
                                                                                                                                                                                                                          Content-Disposition: inline; filename="pricing-line.webp"
                                                                                                                                                                                                                          ETag: "103ac7-d8-50cdb39a46700"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:19:14 GMT
                                                                                                                                                                                                                          Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 849
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RN8PQw3upHx04ZfZxjjhjThy1KjGxifoo3IvsBguDkMGt1V7zEDhs%2Fd4M3%2F%2FuLTrAAQrTS1iCfHm5Llb5X4%2Fi1opa3tYQ2hgKOF9J%2FToQxnkzXkfbMrXQcAw74w%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2376cbd7f56-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC112INData Raw: 52 49 46 46 68 00 00 00 57 45 42 50 56 50 38 4c 5c 00 00 00 2f 1b 01 00 10 cd 00 04 e1 ff db 43 44 ff d3 0a 36 6d 23 09 5a fe c8 0e d8 b7 df 27 99 08 85 6d db 20 c5 ff 1f 1e e4 13 70 a4 ea 94 7a 06 2e 6c 1b 1b 57 d8 70 70 44 34 ed 60 11 45 10 10 10 bf bf e7 23 20 20 28 72 47 9a 65 de d6 da b6 9b b1 01 8c 8d 6d 6b 65 aa 07 c1 a3 90 04
                                                                                                                                                                                                                          Data Ascii: RIFFhWEBPVP8L\/CD6m#Z'm pz.lWppD4`E# (rGemke


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          59192.168.2.449806142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1241OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=0&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=7&tfd=11487 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          60192.168.2.449809104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC841OUTGET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC983INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: image/webp
                                                                                                                                                                                                                          Content-Length: 2550
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: origFmt=png, origSize=2914
                                                                                                                                                                                                                          Content-Disposition: inline; filename="bitsum_logo_transparent.webp"
                                                                                                                                                                                                                          ETag: "fc9c7-b62-5477ff47bc7e3"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 12:44:06 GMT
                                                                                                                                                                                                                          Last-Modified: Wed, 01 Feb 2017 22:56:11 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2957
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Onc0KeF%2BqzzJwwKKFK%2Fri8%2B%2B2U21qIsTjvywwjeoCLSBZ%2BUi9wpF4LfZxt9OAlLKw2AM9SS%2BzY3lyelYlCWhXh77pXsYoXw9hcb9haDbTzWNKJd6abUgYPI5KOA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c239da5c59d4-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC386INData Raw: 52 49 46 46 ee 09 00 00 57 45 42 50 56 50 38 4c e2 09 00 00 2f 10 c1 18 10 7f 05 39 92 24 49 91 17 b7 54 e8 2f 0e 4f d8 ed ca 54 c3 6d 6c db aa b2 bf e0 92 b9 b5 4f 33 84 74 41 e4 f0 e4 9c 0b 4b 92 6c d3 56 ad 7d 6d 7f 79 c6 77 92 78 f6 db c6 82 5b db b6 aa 6a e1 ee 52 02 11 05 30 c8 dc 29 81 41 01 94 40 23 44 0c 52 77 52 7a b0 9c 90 ef ae d7 08 40 43 6f e0 19 48 20 c0 3f d0 40 81 7f f0 01 14 50 40 82 3f 20 80 02 12 68 a0 80 00 06 18 20 80 00 12 28 20 81 00 06 fc 83 5f f0 0b 34 90 40 81 7f f0 07 be 81 00 06 18 a0 5a f3 5d 84 5e 7d d2 6f 97 0d eb d6 d4 3f b4 70 4a 75 57 ed 8b f5 6b 53 4c 24 ac 7f 7a b9 9c 57 4e 25 57 fb 8c a2 03 1c b6 5a aa 6e a6 8a 8e 46 74 a5 26 57 23 ec ce df 22 e8 a4 16 47 4a 74 46 d1 93 12 5d 9b ad 6f 4b b6 d7 d1 9d ec 3d c9 83 bf 64
                                                                                                                                                                                                                          Data Ascii: RIFFWEBPVP8L/9$IT/OTmlO3tAKlV}mywx[jR0)A@#DRwRz@CoH ?@P@? h ( _4@Z]^}o?pJuWkSL$zWN%WZnFt&W#"GJtF]oK=d
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: e7 eb 48 38 b8 51 1b 6a 60 48 12 92 0b 71 e5 d2 57 66 5c e0 8a a6 ed a7 e9 89 6a 20 f6 dd 95 8d e0 9e 51 72 6a 9d 6f 5a c9 e6 b5 a3 02 a5 4b 92 d0 d4 b8 f6 93 e1 e3 60 6e be 93 af fb f9 35 f9 b9 7d 24 7f d7 25 97 ae 97 fb 7f fd f3 ff f1 e7 f7 e5 9a 36 8e 82 b6 6d 18 97 3f ec ee 50 88 88 09 80 34 f2 39 da ff ff 7f 4d 23 e9 bb bb e7 ae bf b9 df b1 d3 4e 61 4a dd 05 aa b8 86 60 0d 71 02 61 dc 5d aa 04 92 0a a5 65 ac 36 ac fe 91 84 96 0a 17 ce 3f df 88 fe 4f 80 24 db b6 d5 36 fa ef 8b 65 66 06 31 a4 c8 03 a8 5e ad 9a ff 9c 04 f5 0c fa d5 bd 2f a2 ff 13 80 fe 8b 7b 67 eb e1 fe e7 3d 2d 86 81 cf ef 99 5a 0c bd 8f 01 b5 1c 4d 2d 05 5c d3 52 34 3b b6 bb 5b 0c 8b a5 19 d4 62 b4 da c7 5b 0d 2d 49 e7 62 cb e1 8d 0d 7a 2c 2d 85 f1 b2 ad fb de 63 53 cb c0 8a 60 f1 ed
                                                                                                                                                                                                                          Data Ascii: H8Qj`HqWf\j QrjoZK`n5}$%6m?P49M#NaJ`qa]e6?O$6ef1^/{g=-ZM-\R4;[b[-Ibz,-cS`
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC795INData Raw: 48 f3 3b 06 0d 92 f9 c1 35 39 23 89 1c 93 a2 92 71 cd 67 47 ba 6f 66 da 6b ac 08 ac 47 71 32 02 44 38 14 f0 4d 1a a4 ce 07 57 b3 19 49 e4 19 9a 4a c6 a2 3e 9b de 54 a9 b7 66 1c 01 7c d8 8b 91 51 92 08 69 be 29 a3 74 ff 6a 36 93 16 05 8e a1 12 f1 d8 46 9d 8e f2 ce 00 82 8e 2a 02 cb 87 64 22 16 8f 62 22 e4 9b e9 b8 d0 f6 8e 17 3e cc 00 1e 5f 93 75 58 9a 8a c7 de 3d d7 83 61 c7 9b f9 99 ea 20 02 6b 82 4a 26 62 f1 68 24 ac 15 ba 2f b4 15 01 a5 21 7c b8 ae 07 0c bd 10 87 a3 4e 3d 30 0f db 16 cd 08 60 70 3f 45 25 13 31 32 12 d6 b6 06 2e bc ca 10 5e dc c8 ea b1 74 6a 21 fe 7e b0 4e fd 17 07 29 0a 92 89 18 49 04 4b 46 a9 fb 96 20 81 c8 73 2c 43 a7 a8 e4 de d1 49 cc 87 0c 0d 29 2a 99 88 45 42 86 09 2a 8c 90 96 84 3a 64 65 f2 04 cf 6e 30 18 d3 29 aa 46 ed 36 4a b6
                                                                                                                                                                                                                          Data Ascii: H;59#qgGofkGq2D8MWIJ>Tf|Qi)tj6F*d"b">_uX=a kJ&bh$/!|N=0`p?E%12.^tj!~N)IKF s,CI)*EB*:den0)F6J


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          61192.168.2.449808142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1691OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          62192.168.2.449807104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC797OUTGET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=deleted
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 21:49:20 GMT
                                                                                                                                                                                                                          ETag: W/"1029d5-600-615c502d84b2f-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrQ3N8Gq0BrGMZu2XTb6lbGrkHx7ZWFYgLke37DmY%2B4zvza3p%2FS9wucxtdEET9SFQWqtt0pLSpfZn5cpLuiycT3eCYty3Y26ScVJIf%2BOSJ2jtDZbbazNCgHDQx0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c239de7d05fb-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC590INData Raw: 36 30 30 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 69 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 2e 72 65 70 6c 61 63 65 28 2f 28 3f 3a 28 3f 3a 5e 7c 2e 2a 3b 5c 73 2a 29 65 75 63 6f 6f 6b 69 65 6c 61 77 5c 73 2a 5c 3d 5c 73 2a 28 5b 5e 3b 5d 2a 29 2e 2a 24 29 7c 5e 2e 2a 24 2f 2c 22 24 31 22 29 2c 6e 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 65 75 2d 63 6f 6f 6b 69 65 2d 6c 61 77 22 29 2c 73 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 2e 77 69 64 67 65 74 5f 65 75 5f 63 6f 6f 6b 69 65 5f 6c 61 77 5f 77 69 64 67 65 74 22 29 2c 61 3d 73 26 26 73 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 63 75 73 74 6f 6d 69 7a 65 2d 77 69 64 67 65 74 2d
                                                                                                                                                                                                                          Data Ascii: 600!function(){var e,t,i,o=document.cookie.replace(/(?:(?:^|.*;\s*)eucookielaw\s*\=\s*([^;]*).*$)|^.*$/,"$1"),n=document.getElementById("eu-cookie-law"),s=document.querySelector(".widget_eu_cookie_law_widget"),a=s&&s.hasAttribute("data-customize-widget-
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC953INData Raw: 28 6e 29 7d 65 6c 73 65 22 22 3d 3d 3d 6f 7c 7c 61 7c 7c 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 6e 29 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 73 29 2c 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 66 6f 72 6d 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 75 62 6d 69 74 22 2c 6c 29 2c 6e 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69 6e 73 28 22 68 69 64 65 2d 6f 6e 2d 73 63 72 6f 6c 6c 22 29 3f 28 74 3d 65 28 29 2c 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 4d 61 74 68 2e 61 62 73 28 65 28 29 2d 74 29 3e 35 30 26 26 6c 28 29 7d 2c 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 63 72 6f 6c 6c 22 2c 69 29 29 3a 6e 2e 63 6c 61
                                                                                                                                                                                                                          Data Ascii: (n)}else""===o||a||n.parentNode.removeChild(n);document.body.appendChild(s),n.querySelector("form").addEventListener("submit",l),n.classList.contains("hide-on-scroll")?(t=e(),i=function(){Math.abs(e()-t)>50&&l()},window.addEventListener("scroll",i)):n.cla
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          63192.168.2.449810104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC813OUTGET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC799INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 12 Apr 2024 09:28:07 GMT
                                                                                                                                                                                                                          ETag: W/"10025e-5115-615e2e3b5233e-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2000
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0%2FogHwnV6qYJKT9%2Bz4T%2Fp7PB2gVQ4joB2WSM%2FMX6GOSWB0b3FI2fgqA4zlGN4wBmZP%2BJpYfAYXt5qKS5l%2BO3G4GO04cHchmP%2Fu9C9%2Fuf%2F5RC1SY5ZN9L03dUic%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23bece11fce-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC570INData Raw: 35 31 31 35 0d 0a 2f 2a 21 0a 20 2a 20 57 50 42 61 6b 65 72 79 20 50 61 67 65 20 42 75 69 6c 64 65 72 20 76 36 2e 30 2e 30 20 28 68 74 74 70 73 3a 2f 2f 77 70 62 61 6b 65 72 79 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 34 20 4d 69 63 68 61 65 6c 20 4d 2c 20 57 50 42 61 6b 65 72 79 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 43 6f 6d 6d 65 72 63 69 61 6c 2e 20 4d 6f 72 65 20 64 65 74 61 69 6c 73 3a 20 68 74 74 70 3a 2f 2f 67 6f 2e 77 70 62 61 6b 65 72 79 2e 63 6f 6d 2f 6c 69 63 65 6e 73 69 6e 67 0a 20 2a 2f 0a 0a 2f 2f 20 6a 73 63 73 3a 64 69 73 61 62 6c 65 0a 2f 2f 20 6a 73 68 69 6e 74 20 69 67 6e 6f 72 65 3a 20 73 74 61 72 74 0a 0a 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73
                                                                                                                                                                                                                          Data Ascii: 5115/*! * WPBakery Page Builder v6.0.0 (https://wpbakery.com) * Copyright 2011-2024 Michael M, WPBakery * License: Commercial. More details: http://go.wpbakery.com/licensing */// jscs:disable// jshint ignore: startdocument.documentElement.class
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 6e 73 66 6f 72 6d 20 22 29 7d 28 29 2c 66 75 6e 63 74 69 6f 6e 28 24 29 7b 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76 63 5f 6a 73 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 6a 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 63 5f 74 6f 67 67 6c 65 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 74 61 62 73 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 61 63 63 6f 72 64 69 6f 6e 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 74 65 61 73 65 72 47 72 69 64 28 29 2c 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 73 6c 69 64 65 72 73 42 65 68 61 76 69 6f 75 72 28 29 2c 76 63 5f 70 72 65 74 74 79 50 68 6f 74 6f 28 29 2c 76 63 5f 70 69 6e 74 65 72 65 73 74 28 29 2c 76 63
                                                                                                                                                                                                                          Data Ascii: nsform ")}(),function($){"function"!=typeof window.vc_js&&(window.vc_js=function(){"use strict";vc_toggleBehaviour(),vc_tabsBehaviour(),vc_accordionBehaviour(),vc_teaserGrid(),vc_carouselBehaviour(),vc_slidersBehaviour(),vc_prettyPhoto(),vc_pinterest(),vc
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 64 6f 77 2e 76 63 5f 70 69 6e 74 65 72 65 73 74 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 70 69 6e 74 65 72 65 73 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 6f 2c 73 3b 30 3c 6a 51 75 65 72 79 28 22 2e 77 70 62 5f 70 69 6e 74 65 72 65 73 74 22 29 2e 6c 65 6e 67 74 68 26 26 28 28 70 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 29 2e 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 2c 70 6f 2e 61 73 79 6e 63 3d 21 30 2c 70 6f 2e 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2e 70 69 6e 74 65 72 65 73 74 2e 63 6f 6d 2f 6a 73 2f 70 69 6e 69 74 2e 6a 73 22 2c 28 73 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 73 63 72
                                                                                                                                                                                                                          Data Ascii: dow.vc_pinterest&&(window.vc_pinterest=function(){var po,s;0<jQuery(".wpb_pinterest").length&&((po=document.createElement("script")).type="text/javascript",po.async=!0,po.src="https://assets.pinterest.com/js/pinit.js",(s=document.getElementsByTagName("scr
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 6f 6e 3a 33 30 30 2c 63 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 65 6c 65 6d 65 6e 74 2e 61 64 64 43 6c 61 73 73 28 22 76 63 5f 74 6f 67 67 6c 65 5f 61 63 74 69 76 65 22 29 7d 7d 29 7d 28 24 65 6c 3f 24 65 6c 2e 68 61 73 43 6c 61 73 73 28 22 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 3f 24 65 6c 2e 75 6e 62 69 6e 64 28 22 63 6c 69 63 6b 22 29 3a 24 65 6c 2e 66 69 6e 64 28 22 2e 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 2e 6f 66 66 28 22 63 6c 69 63 6b 22 29 3a 6a 51 75 65 72 79 28 22 2e 76 63 5f 74 6f 67 67 6c 65 5f 74 69 74 6c 65 22 29 2e 6f 66 66 28 22 63 6c 69 63 6b 22 29 29 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 65 76 65 6e 74 29 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76
                                                                                                                                                                                                                          Data Ascii: ion:300,complete:function(){element.addClass("vc_toggle_active")}})}($el?$el.hasClass("vc_toggle_title")?$el.unbind("click"):$el.find(".vc_toggle_title").off("click"):jQuery(".vc_toggle_title").off("click")).on("click",event)}),"function"!=typeof window.v
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 5f 63 6f 6e 74 65 6e 74 28 65 76 65 6e 74 2c 75 69 29 7d 2c 61 63 74 69 76 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 76 65 6e 74 2c 75 69 29 7b 77 70 62 5f 70 72 65 70 61 72 65 5f 74 61 62 5f 63 6f 6e 74 65 6e 74 28 65 76 65 6e 74 2c 75 69 29 7d 7d 29 3b 69 66 28 69 6e 74 65 72 76 61 6c 26 26 30 3c 69 6e 74 65 72 76 61 6c 29 74 72 79 7b 24 74 61 62 73 2e 74 61 62 73 28 22 72 6f 74 61 74 65 22 2c 31 65 33 2a 69 6e 74 65 72 76 61 6c 29 7d 63 61 74 63 68 28 65 72 72 29 7b 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 26 26 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 74 61 62 73 20 62 65 68 61 76 69 6f 75 72 73 20 65 72 72 6f 72 22 2c 65 72 72 29 7d 6a 51 75 65 72 79 28 74 68 69 73 29 2e 66 69 6e 64 28
                                                                                                                                                                                                                          Data Ascii: _content(event,ui)},activate:function(event,ui){wpb_prepare_tab_content(event,ui)}});if(interval&&0<interval)try{$tabs.tabs("rotate",1e3*interval)}catch(err){window.console&&window.console.warn&&console.warn("tabs behaviours error",err)}jQuery(this).find(
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 74 61 62 22 29 2c 31 30 29 26 26 70 61 72 73 65 49 6e 74 28 24 74 68 69 73 2e 64 61 74 61 28 22 61 63 74 69 76 65 2d 74 61 62 22 29 2c 31 30 29 2d 31 29 2c 63 6f 6c 6c 61 70 73 69 62 6c 65 3d 21 31 3d 3d 3d 61 63 74 69 76 65 5f 74 61 62 7c 7c 22 79 65 73 22 3d 3d 3d 24 74 68 69 73 2e 64 61 74 61 28 22 63 6f 6c 6c 61 70 73 69 62 6c 65 22 29 2c 61 63 74 69 76 65 5f 74 61 62 3d 24 74 68 69 73 2e 66 69 6e 64 28 22 2e 77 70 62 5f 61 63 63 6f 72 64 69 6f 6e 5f 77 72 61 70 70 65 72 22 29 2e 61 63 63 6f 72 64 69 6f 6e 28 7b 68 65 61 64 65 72 3a 22 3e 20 64 69 76 20 3e 20 68 33 22 2c 61 75 74 6f 48 65 69 67 68 74 3a 21 31 2c 68 65 69 67 68 74 53 74 79 6c 65 3a 22 63 6f 6e 74 65 6e 74 22 2c 61 63 74 69 76 65 3a 61 63 74 69 76 65 5f 74 61 62 2c 63 6f 6c 6c 61 70 73
                                                                                                                                                                                                                          Data Ascii: tab"),10)&&parseInt($this.data("active-tab"),10)-1),collapsible=!1===active_tab||"yes"===$this.data("collapsible"),active_tab=$this.find(".wpb_accordion_wrapper").accordion({header:"> div > h3",autoHeight:!1,heightStyle:"content",active:active_tab,collaps
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 72 28 22 64 61 74 61 2d 66 69 6c 74 65 72 22 29 7d 29 7d 29 2c 6a 51 75 65 72 79 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 6c 6f 61 64 20 72 65 73 69 7a 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 24 74 68 75 6d 62 73 2e 69 73 6f 74 6f 70 65 28 22 6c 61 79 6f 75 74 22 29 7d 29 7d 29 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 26 26 28 77 69 6e 64 6f 77 2e 76 63 5f 63 61 72 6f 75 73 65 6c 42 65 68 61 76 69 6f 75 72 3d 66 75 6e 63 74 69 6f 6e 28 24 70 61 72 65 6e 74 29 7b 28 24 70 61 72 65 6e 74 3f 24 70 61 72 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 63 61 72 6f 75 73 65 6c 22 29 3a 6a 51 75 65 72 79 28 22 2e 77 70 62 5f 63 61 72 6f 75 73 65 6c 22 29 29 2e
                                                                                                                                                                                                                          Data Ascii: r("data-filter")})}),jQuery(window).on("load resize",function(){$thumbs.isotope("layout")})})}),"function"!=typeof window.vc_carouselBehaviour&&(window.vc_carouselBehaviour=function($parent){($parent?$parent.find(".wpb_carousel"):jQuery(".wpb_carousel")).
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 6d 61 67 65 73 47 72 69 64 3d 74 68 69 73 5f 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 69 6d 61 67 65 5f 67 72 69 64 5f 75 6c 22 29 2e 69 6d 61 67 65 73 4c 6f 61 64 65 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 24 69 6d 61 67 65 73 47 72 69 64 2e 69 73 6f 74 6f 70 65 28 7b 69 74 65 6d 53 65 6c 65 63 74 6f 72 3a 22 2e 69 73 6f 74 6f 70 65 2d 69 74 65 6d 22 2c 6c 61 79 6f 75 74 4d 6f 64 65 3a 22 66 69 74 52 6f 77 73 22 7d 29 7d 29 3a 74 68 69 73 5f 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 77 70 62 5f 69 6d 61 67 65 5f 67 72 69 64 5f 75 6c 22 29 2e 69 73 6f 74 6f 70 65 28 7b 69 74 65 6d 53 65 6c 65 63 74 6f 72 3a 22 2e 69 73 6f 74 6f 70 65 2d 69 74 65 6d 22 2c 6c 61 79 6f 75 74 4d 6f 64 65 3a 22 66 69 74 52 6f 77 73 22 7d 29 29 7d 29 7d 29
                                                                                                                                                                                                                          Data Ascii: imagesGrid=this_element.find(".wpb_image_grid_ul").imagesLoaded(function(){$imagesGrid.isotope({itemSelector:".isotope-item",layoutMode:"fitRows"})}):this_element.find(".wpb_image_grid_ul").isotope({itemSelector:".isotope-item",layoutMode:"fitRows"}))})})
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 5f 6d 61 72 67 69 6e 5f 72 69 67 68 74 2c 6f 66 66 73 65 74 2c 77 69 64 74 68 2c 63 73 73 50 72 6f 70 73 2c 70 61 64 64 69 6e 67 2c 70 61 64 64 69 6e 67 52 69 67 68 74 2c 24 65 6c 3d 24 28 74 68 69 73 29 2c 24 65 6c 5f 66 75 6c 6c 3d 28 24 65 6c 2e 61 64 64 43 6c 61 73 73 28 22 76 63 5f 68 69 64 64 65 6e 22 29 2c 24 65 6c 2e 6e 65 78 74 28 22 2e 76 63 5f 72 6f 77 2d 66 75 6c 6c 2d 77 69 64 74 68 22 29 29 3b 28 24 65 6c 5f 66 75 6c 6c 3d 24 65 6c 5f 66 75 6c 6c 2e 6c 65 6e 67 74 68 3f 24 65 6c 5f 66 75 6c 6c 3a 24 65 6c 2e 70 61 72 65 6e 74 28 29 2e 6e 65 78 74 28 22 2e 76 63 5f 72 6f 77 2d 66 75 6c 6c 2d 77 69 64 74 68 22 29 29 2e 6c 65 6e 67 74 68 26 26 28 65 6c 5f 6d 61 72 67 69 6e 5f 6c 65 66 74 3d 70 61 72 73 65 49 6e 74 28 24 65 6c 2e 63 73 73 28 22
                                                                                                                                                                                                                          Data Ascii: _margin_right,offset,width,cssProps,padding,paddingRight,$el=$(this),$el_full=($el.addClass("vc_hidden"),$el.next(".vc_row-full-width"));($el_full=$el_full.length?$el_full:$el.parent().next(".vc_row-full-width")).length&&(el_margin_left=parseInt($el.css("
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 6e 64 6f 77 48 65 69 67 68 74 3d 24 28 77 69 6e 64 6f 77 29 2e 68 65 69 67 68 74 28 29 2c 28 6f 66 66 73 65 74 54 6f 70 3d 24 65 6c 65 6d 65 6e 74 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 29 3c 77 69 6e 64 6f 77 48 65 69 67 68 74 29 26 26 24 65 6c 65 6d 65 6e 74 2e 63 73 73 28 22 6d 69 6e 2d 68 65 69 67 68 74 22 2c 31 30 30 2d 6f 66 66 73 65 74 54 6f 70 2f 28 77 69 6e 64 6f 77 48 65 69 67 68 74 2f 31 30 30 29 2b 22 76 68 22 29 2c 24 28 64 6f 63 75 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 22 76 63 2d 66 75 6c 6c 2d 68 65 69 67 68 74 2d 72 6f 77 22 2c 24 65 6c 65 6d 65 6e 74 29 7d 24 28 77 69 6e 64 6f 77 29 2e 6f 66 66 28 22 72 65 73 69 7a 65 2e 76 63 52 6f 77 42 65 68 61 76 69 6f 75 72 22 29 2e 6f 6e 28 22 72 65 73 69 7a 65 2e 76 63 52 6f 77 42 65 68 61
                                                                                                                                                                                                                          Data Ascii: indowHeight=$(window).height(),(offsetTop=$element.offset().top)<windowHeight)&&$element.css("min-height",100-offsetTop/(windowHeight/100)+"vh"),$(document).trigger("vc-full-height-row",$element)}$(window).off("resize.vcRowBehaviour").on("resize.vcRowBeha


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          64192.168.2.449811104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC796OUTGET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC786INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Thu, 30 Mar 2023 07:50:11 GMT
                                                                                                                                                                                                                          ETag: W/"41036-1feb-5f8195799aff9-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6499
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWEqA11zxQicI3jHNFfYTlSH6FQE14kkJkvD3YbUvFS0rdN9QptlMG6JWTN1two%2FU49kB3qIHsJhf%2BkOPgHz7QxI1VoL5FuZOfhDZNm%2Bbue2c2easa0HocuCkaA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23bfa972896-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC583INData Raw: 31 66 65 62 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 7c 7c 21 64 65 66 69 6e 65 2e 61 6d 64 3f 65 28 29 3a 64 65 66 69 6e 65 28 22 69 6e 65 72 74 22 2c 65 29 7d 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 2c 74 2c 6e 2c 69 2c 6f 2c 72 2c 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 74 26 26 61 28 65 2e 70 72 6f 74 6f 74 79 70 65 2c 74 29 2c 6e 26 26 61 28 65 2c 6e 29 2c 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 61 28 65 2c 74 29 7b 66 6f 72 28 76
                                                                                                                                                                                                                          Data Ascii: 1feb!function(e){"object"==typeof exports&&"undefined"!=typeof module||"function"!=typeof define||!define.amd?e():define("inert",e)}((function(){"use strict";var e,t,n,i,o,r,s=function(e,t,n){return t&&a(e.prototype,t),n&&a(e,n),e};function a(e,t){for(v
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 20 53 65 74 2c 74 68 69 73 2e 5f 72 6f 6f 74 45 6c 65 6d 65 6e 74 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 29 3f 74 68 69 73 2e 5f 73 61 76 65 64 41 72 69 61 48 69 64 64 65 6e 3d 74 68 69 73 2e 5f 72 6f 6f 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 29 3a 74 68 69 73 2e 5f 73 61 76 65 64 41 72 69 61 48 69 64 64 65 6e 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 72 6f 6f 74 45 6c 65 6d 65 6e 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 2c 22 74 72 75 65 22 29 2c 74 68 69 73 2e 5f 6d 61 6b 65 53 75 62 74 72 65 65 55 6e 66 6f 63 75 73 61 62 6c 65 28 74 68 69 73 2e 5f 72 6f 6f 74 45 6c 65 6d 65 6e 74 29 2c 74 68 69 73 2e 5f 6f 62
                                                                                                                                                                                                                          Data Ascii: Set,this._rootElement.hasAttribute("aria-hidden")?this._savedAriaHidden=this._rootElement.getAttribute("aria-hidden"):this._savedAriaHidden=null,this._rootElement.setAttribute("aria-hidden","true"),this._makeSubtreeUnfocusable(this._rootElement),this._ob
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 63 28 75 2c 74 2c 6e 29 2c 75 3d 75 2e 6e 65 78 74 53 69 62 6c 69 6e 67 7d 66 75 6e 63 74 69 6f 6e 20 5f 28 65 29 7b 76 61 72 20 74 3b 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 73 74 79 6c 65 23 69 6e 65 72 74 2d 73 74 79 6c 65 2c 20 6c 69 6e 6b 23 69 6e 65 72 74 2d 73 74 79 6c 65 22 29 7c 7c 28 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 74 79 6c 65 22 29 29 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 22 69 6e 65 72 74 2d 73 74 79 6c 65 22 29 2c 74 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3d 22 5c 6e 5b 69 6e 65 72 74 5d 20 7b 5c 6e 20 20 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 20 6e 6f 6e 65 3b 5c 6e 20 20 63 75 72 73 6f 72 3a 20 64 65 66 61 75 6c 74 3b 5c 6e 7d 5c 6e 5c 6e 5b 69 6e 65 72 74
                                                                                                                                                                                                                          Data Ascii: c(u,t,n),u=u.nextSibling}function _(e){var t;e.querySelector("style#inert-style, link#inert-style")||((t=document.createElement("style")).setAttribute("id","inert-style"),t.textContent="\n[inert] {\n pointer-events: none;\n cursor: default;\n}\n\n[inert
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 70 61 72 65 6e 74 4e 6f 64 65 7d 6f 26 26 28 6e 3d 6f 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 29 7d 65 2e 63 6f 6e 74 61 69 6e 73 28 6e 29 26 26 28 6e 2e 62 6c 75 72 28 29 2c 6e 3d 3d 3d 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 26 26 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 66 6f 63 75 73 28 29 29 7d 7d 2c 7b 6b 65 79 3a 22 5f 76 69 73 69 74 4e 6f 64 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 6e 6f 64 65 54 79 70 65 3d 3d 3d 4e 6f 64 65 2e 45 4c 45 4d 45 4e 54 5f 4e 4f 44 45 26 26 28 65 21 3d 3d 74 68 69 73 2e 5f 72 6f 6f 74 45 6c 65 6d 65 6e 74 26 26 65 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 69 6e 65 72 74 22 29 26 26 74 68 69 73 2e 5f 61 64 6f 70 74 49 6e 65 72 74 52 6f 6f 74 28 65 29 2c 28 74
                                                                                                                                                                                                                          Data Ascii: parentNode}o&&(n=o.activeElement)}e.contains(n)&&(n.blur(),n===document.activeElement&&document.body.focus())}},{key:"_visitNode",value:function(e){e.nodeType===Node.ELEMENT_NODE&&(e!==this._rootElement&&e.hasAttribute("inert")&&this._adoptInertRoot(e),(t
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 69 6f 6e 28 65 29 7b 69 2e 63 6f 6e 74 61 69 6e 73 28 65 2e 6e 6f 64 65 29 26 26 6e 2e 5f 6d 61 6e 61 67 65 4e 6f 64 65 28 65 2e 6e 6f 64 65 29 7d 29 29 29 29 7d 29 2c 74 68 69 73 29 7d 7d 2c 7b 6b 65 79 3a 22 6d 61 6e 61 67 65 64 4e 6f 64 65 73 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 53 65 74 28 74 68 69 73 2e 5f 6d 61 6e 61 67 65 64 4e 6f 64 65 73 29 7d 7d 2c 7b 6b 65 79 3a 22 68 61 73 53 61 76 65 64 41 72 69 61 48 69 64 64 65 6e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 74 68 69 73 2e 5f 73 61 76 65 64 41 72 69 61 48 69 64 64 65 6e 7d 7d 2c 7b 6b 65 79 3a 22 73 61 76 65 64 41 72 69 61 48 69 64 64 65 6e 22 2c 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74
                                                                                                                                                                                                                          Data Ascii: ion(e){i.contains(e.node)&&n._manageNode(e.node)}))))}),this)}},{key:"managedNodes",get:function(){return new Set(this._managedNodes)}},{key:"hasSavedAriaHidden",get:function(){return null!==this._savedAriaHidden}},{key:"savedAriaHidden",set:function(e){t
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 64 28 29 2c 74 68 69 73 2e 5f 69 6e 65 72 74 52 6f 6f 74 73 2e 64 65 6c 65 74 65 28 65 29 2c 30 3d 3d 3d 74 68 69 73 2e 5f 69 6e 65 72 74 52 6f 6f 74 73 2e 73 69 7a 65 26 26 74 68 69 73 2e 64 65 73 74 72 75 63 74 6f 72 28 29 7d 7d 2c 7b 6b 65 79 3a 22 64 65 73 74 72 6f 79 65 64 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 64 65 73 74 72 6f 79 65 64 7d 7d 2c 7b 6b 65 79 3a 22 68 61 73 53 61 76 65 64 54 61 62 49 6e 64 65 78 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 74 68 69 73 2e 5f 73 61 76 65 64 54 61 62 49 6e 64 65 78 7d 7d 2c 7b 6b 65 79 3a 22 6e 6f 64 65 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 74 68 72 6f 77
                                                                                                                                                                                                                          Data Ascii: d(),this._inertRoots.delete(e),0===this._inertRoots.size&&this.destructor()}},{key:"destroyed",get:function(){return this._destroyed}},{key:"hasSavedTabIndex",get:function(){return null!==this._savedTabIndex}},{key:"node",get:function(){return this._throw
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC751INData Raw: 74 68 69 73 2e 5f 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 7b 61 74 74 72 69 62 75 74 65 73 3a 21 30 2c 73 75 62 74 72 65 65 3a 21 30 2c 63 68 69 6c 64 4c 69 73 74 3a 21 30 7d 29 7d 7d 2c 7b 6b 65 79 3a 22 5f 77 61 74 63 68 46 6f 72 49 6e 65 72 74 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 69 29 7b 76 61 72 20 6f 3d 74 68 69 73 3b 6e 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 73 77 69 74 63 68 28 6e 2e 74 79 70 65 29 7b 63 61 73 65 22 63 68 69 6c 64 4c 69 73 74 22 3a 65 2e 63 61 6c 6c 28 6e 2e 61 64 64 65 64 4e 6f 64 65 73 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 69 3b 6e 2e 6e 6f 64 65 54 79 70 65 3d 3d 3d 4e 6f 64 65 2e 45 4c 45 4d 45 4e 54 5f
                                                                                                                                                                                                                          Data Ascii: this._document.documentElement,{attributes:!0,subtree:!0,childList:!0})}},{key:"_watchForInert",value:function(n,i){var o=this;n.forEach((function(n){switch(n.type){case"childList":e.call(n.addedNodes).forEach((function(n){var i;n.nodeType===Node.ELEMENT_
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          65192.168.2.449812104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC556OUTGET /wp-content/themes/meminz/img/pricing-line.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC895INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                          Content-Length: 147
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: origSize=216
                                                                                                                                                                                                                          ETag: "103ac7-d8-50cdb39a46700"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:06:18 GMT
                                                                                                                                                                                                                          Last-Modified: Sat, 17 Jan 2015 16:03:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 1625
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQqyW1P0HUJJqgOOSmJC6raN%2BfX0%2Fg2ukrvzNopR%2BSiJSnJe0JWJrqWpjQyrlKKe7II5TznGQMob%2FzWKcfXeuIPSLbtm7pp5wPtHBjb%2Fn8PGoul15iqUkKjljrA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23c5bb63928-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC147INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 1c 00 00 00 01 08 04 00 00 00 a6 c2 d9 9a 00 00 00 5a 49 44 41 54 78 da e5 8d c1 0d 80 30 0c 03 93 06 f6 5f 8b a1 68 8b ec 9e e0 d1 11 88 75 b6 f3 49 f2 ca 58 93 02 35 61 15 3a 04 2a fc 8c 7a 7b b3 57 a4 ba d0 0d 3c e4 4a a0 e1 5b fe 7a e6 b6 ed 39 95 66 08 ef 43 c8 4d 77 ef 02 dd 20 b7 d8 ed 68 18 6e a0 ef 67 ae 46 e6 03 9e 5b 3b cb 63 f0 68 29 00 00 00 00 49 45 4e 44 ae 42 60 82
                                                                                                                                                                                                                          Data Ascii: PNGIHDRZIDATx0_huIX5a:*z{W<J[z9fCMw hngF[;ch)IENDB`


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          66192.168.2.449813104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC799OUTGET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC786INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:23 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Tue, 07 Nov 2023 20:47:19 GMT
                                                                                                                                                                                                                          ETag: W/"3f695-19e1-60996139ef622-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 6499
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXPI%2Bkyy2i4jDl09fG5VjYBSnnW8NRPtnu8%2BUe3ifZZFA8xiRMKnow3BmeWJwIBiUF6RjRFwH0Fri0xfBjBjP5qsc9pJesr1d95Me9dzZWDsbtLVb4dW%2F5s3Ofs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c23c99552899-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC583INData Raw: 31 39 65 31 0d 0a 76 61 72 20 72 75 6e 74 69 6d 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 2c 72 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2c 6e 3d 72 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 6f 3d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 74 5b 65 5d 3d 72 2e 76 61 6c 75 65 7d 2c 69 3d 28 77 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3f 53 79 6d 62 6f 6c 3a 7b 7d 29 2e 69 74 65 72 61 74 6f 72 7c 7c 22 40 40 69 74 65 72 61 74 6f 72 22 2c 61 3d 77 2e 61 73 79 6e 63 49 74 65 72 61 74 6f 72 7c 7c 22 40 40 61 73 79 6e 63 49 74 65 72 61 74 6f 72 22 2c 63 3d 77 2e 74 6f 53 74 72 69 6e
                                                                                                                                                                                                                          Data Ascii: 19e1var runtime=function(t){"use strict";var e,r=Object.prototype,n=r.hasOwnProperty,o=Object.defineProperty||function(t,e,r){t[e]=r.value},i=(w="function"==typeof Symbol?Symbol:{}).iterator||"@@iterator",a=w.asyncIterator||"@@asyncIterator",c=w.toStrin
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 2c 63 3d 6e 2c 75 3d 69 2c 68 3d 66 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 72 29 7b 69 66 28 68 3d 3d 3d 70 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 47 65 6e 65 72 61 74 6f 72 20 69 73 20 61 6c 72 65 61 64 79 20 72 75 6e 6e 69 6e 67 22 29 3b 69 66 28 68 3d 3d 3d 79 29 7b 69 66 28 22 74 68 72 6f 77 22 3d 3d 3d 74 29 74 68 72 6f 77 20 72 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 65 2c 64 6f 6e 65 3a 21 30 7d 7d 66 6f 72 28 75 2e 6d 65 74 68 6f 64 3d 74 2c 75 2e 61 72 67 3d 72 3b 3b 29 7b 76 61 72 20 6e 3d 75 2e 64 65 6c 65 67 61 74 65 3b 69 66 28 6e 26 26 28 6e 3d 66 75 6e 63 74 69 6f 6e 20 74 28 72 2c 6e 29 7b 76 61 72 20 6f 3d 6e 2e 6d 65 74 68 6f 64 2c 69 3d 72 2e 69 74 65 72 61 74 6f 72 5b 6f 5d 3b 72 65 74 75 72 6e 20 69 3d 3d 3d 65 3f 28 6e
                                                                                                                                                                                                                          Data Ascii: ,c=n,u=i,h=f,function(t,r){if(h===p)throw new Error("Generator is already running");if(h===y){if("throw"===t)throw r;return{value:e,done:!0}}for(u.method=t,u.arg=r;;){var n=u.delegate;if(n&&(n=function t(r,n){var o=n.method,i=r.iterator[o];return i===e?(n
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 2c 62 2c 4c 3d 28 28 62 3d 28 62 3d 28 75 28 77 3d 7b 7d 2c 69 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 29 29 2c 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 29 29 26 26 62 28 62 28 6b 28 5b 5d 29 29 29 29 26 26 62 21 3d 3d 72 26 26 6e 2e 63 61 6c 6c 28 62 2c 69 29 26 26 28 77 3d 62 29 2c 6d 2e 70 72 6f 74 6f 74 79 70 65 3d 76 2e 70 72 6f 74 6f 74 79 70 65 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 77 29 29 3b 66 75 6e 63 74 69 6f 6e 20 78 28 74 29 7b 5b 22 6e 65 78 74 22 2c 22 74 68 72 6f 77 22 2c 22 72 65 74 75 72 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 75 28 74 2c 65 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 69 6e 76 6f 6b 65
                                                                                                                                                                                                                          Data Ascii: ,b,L=((b=(b=(u(w={},i,(function(){return this})),Object.getPrototypeOf))&&b(b(k([]))))&&b!==r&&n.call(b,i)&&(w=b),m.prototype=v.prototype=Object.create(w));function x(t){["next","throw","return"].forEach((function(e){u(t,e,(function(t){return this._invoke
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 67 75 72 61 62 6c 65 3a 21 30 7d 29 2c 6f 28 6d 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 2c 7b 76 61 6c 75 65 3a 64 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 7d 29 2c 64 2e 64 69 73 70 6c 61 79 4e 61 6d 65 3d 75 28 6d 2c 63 2c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 29 2c 74 2e 69 73 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 21 21 28 74 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 28 74 3d 3d 3d 64 7c 7c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 3d 3d 3d 28 74 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 74 2e 6e 61 6d 65 29 29 7d 2c 74 2e 6d 61 72 6b 3d 66 75 6e 63 74 69 6f 6e 28 74
                                                                                                                                                                                                                          Data Ascii: gurable:!0}),o(m,"constructor",{value:d,configurable:!0}),d.displayName=u(m,c,"GeneratorFunction"),t.isGeneratorFunction=function(t){return!!(t="function"==typeof t&&t.constructor)&&(t===d||"GeneratorFunction"===(t.displayName||t.name))},t.mark=function(t
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC1369INData Raw: 2e 72 76 61 6c 7d 2c 64 69 73 70 61 74 63 68 45 78 63 65 70 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 68 69 73 2e 64 6f 6e 65 29 74 68 72 6f 77 20 74 3b 76 61 72 20 72 3d 74 68 69 73 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 63 2e 74 79 70 65 3d 22 74 68 72 6f 77 22 2c 63 2e 61 72 67 3d 74 2c 72 2e 6e 65 78 74 3d 6e 2c 6f 26 26 28 72 2e 6d 65 74 68 6f 64 3d 22 6e 65 78 74 22 2c 72 2e 61 72 67 3d 65 29 2c 21 21 6f 7d 66 6f 72 28 76 61 72 20 69 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 2e 6c 65 6e 67 74 68 2d 31 3b 30 3c 3d 69 3b 2d 2d 69 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 5b 69 5d 2c 63 3d 61 2e 63 6f 6d 70 6c 65 74 69 6f 6e 3b 69 66 28 22 72 6f 6f 74 22 3d 3d 3d 61
                                                                                                                                                                                                                          Data Ascii: .rval},dispatchException:function(t){if(this.done)throw t;var r=this;function o(n,o){return c.type="throw",c.arg=t,r.next=n,o&&(r.method="next",r.arg=e),!!o}for(var i=this.tryEntries.length-1;0<=i;--i){var a=this.tryEntries[i],c=a.completion;if("root"===a
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC574INData Raw: 74 65 28 72 2e 63 6f 6d 70 6c 65 74 69 6f 6e 2c 72 2e 61 66 74 65 72 4c 6f 63 29 2c 5f 28 72 29 2c 67 7d 7d 2c 63 61 74 63 68 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 76 61 72 20 65 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 2e 6c 65 6e 67 74 68 2d 31 3b 30 3c 3d 65 3b 2d 2d 65 29 7b 76 61 72 20 72 2c 6e 2c 6f 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 5b 65 5d 3b 69 66 28 6f 2e 74 72 79 4c 6f 63 3d 3d 3d 74 29 72 65 74 75 72 6e 22 74 68 72 6f 77 22 3d 3d 3d 28 72 3d 6f 2e 63 6f 6d 70 6c 65 74 69 6f 6e 29 2e 74 79 70 65 26 26 28 6e 3d 72 2e 61 72 67 2c 5f 28 6f 29 29 2c 6e 7d 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 69 6c 6c 65 67 61 6c 20 63 61 74 63 68 20 61 74 74 65 6d 70 74 22 29 7d 2c 64 65 6c 65 67 61 74 65 59 69 65 6c
                                                                                                                                                                                                                          Data Ascii: te(r.completion,r.afterLoc),_(r),g}},catch:function(t){for(var e=this.tryEntries.length-1;0<=e;--e){var r,n,o=this.tryEntries[e];if(o.tryLoc===t)return"throw"===(r=o.completion).type&&(n=r.arg,_(o)),n}throw new Error("illegal catch attempt")},delegateYiel
                                                                                                                                                                                                                          2024-05-05 12:33:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          67192.168.2.449817104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC791OUTGET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC777INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                          ETag: W/"42814-96be-61533396f25ed-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5EvguJoWw8i%2FDrWSCJn4liCmCRDXD62nfFRwLzqHF0lTtivz2xbUIzH0ihOkdTVEO10UYea6zksqUARWDnp7tzClfprr5ZeTH9B0b65i5979rIBHvWBmqB5%2Fxg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c252fd103910-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC592INData Raw: 37 63 61 62 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 72 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 2c 65 2c 6e 3b 65 3d 7b 7d 2c 28 6e 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 69 66 28 65 5b 72 5d 29 72 65 74 75 72 6e 20 65 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6f 3d 65 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 74 5b 72 5d 2e 63 61 6c 6c 28 6f 2e 65 78 70 6f 72 74 73 2c 6f 2c 6f 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 6f 2e 6c 3d 21 30 2c 6f 2e 65 78 70 6f 72 74 73 7d 29 2e 6d 3d 74 3d 5b 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 65 28 31 29 2c 65 28 37 30 29 2c 65 28 37 37 29 2c 65 28 38 30 29 2c 65 28 38 31 29 2c 65 28 38 33 29 2c 65 28 39 35 29 2c 65 28 39 36 29 2c 65 28 39
                                                                                                                                                                                                                          Data Ascii: 7cab!function(r){"use strict";var t,e,n;e={},(n=function(r){if(e[r])return e[r].exports;var o=e[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}).m=t=[function(r,t,e){e(1),e(70),e(77),e(80),e(81),e(83),e(95),e(96),e(9
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 68 28 29 7d 63 61 74 63 68 28 72 29 7b 72 65 74 75 72 6e 20 72 20 69 6e 73 74 61 6e 63 65 6f 66 20 54 79 70 65 45 72 72 6f 72 7d 7d 28 29 7d 2c 7b 70 75 73 68 3a 66 75 6e 63 74 69 6f 6e 28 72 29 7b 76 61 72 20 74 3d 6f 28 74 68 69 73 29 2c 65 3d 61 28 74 29 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 69 28 65 2b 6e 29 3b 66 6f 72 28 76 61 72 20 75 3d 30 3b 75 3c 6e 3b 75 2b 2b 29 74 5b 65 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 75 5d 2c 65 2b 2b 3b 72 65 74 75 72 6e 20 63 28 74 2c 65 29 2c 65 7d 7d 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 76 61 72 20 6f 3d 6e 28 33 29 2c 61 3d 6e 28 34 29 2e 66 2c 63 3d 6e 28 34 32 29 2c 69 3d 6e 28 34 36 29 2c 75 3d 6e 28 33 36 29 2c 66 3d 6e 28 35 34 29 2c 73 3d 6e 28 36 36 29 3b 74 2e 65 78
                                                                                                                                                                                                                          Data Ascii: h()}catch(r){return r instanceof TypeError}}()},{push:function(r){var t=o(this),e=a(t),n=arguments.length;i(e+n);for(var u=0;u<n;u++)t[e]=arguments[u],e++;return c(t,e),e}})},function(t,e,n){var o=n(3),a=n(4).f,c=n(42),i=n(46),u=n(36),f=n(54),s=n(66);t.ex
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 72 6e 20 6e 2e 61 70 70 6c 79 28 6e 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 65 3d 65 28 36 29 2c 72 2e 65 78 70 6f 72 74 73 3d 21 65 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2e 62 69 6e 64 28 29 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 72 7c 7c 72 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 22 70 72 6f 74 6f 74 79 70 65 22 29 7d 29 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 7b 7d 2e 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 2c 6f 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 2c 61 3d 6f 26 26 21 6e 2e 63 61 6c 6c 28
                                                                                                                                                                                                                          Data Ascii: rn n.apply(n,arguments)}},function(r,t,e){e=e(6),r.exports=!e((function(){var r=function(){}.bind();return"function"!=typeof r||r.hasOwnProperty("prototype")}))},function(r,t,e){var n={}.propertyIsEnumerable,o=Object.getOwnPropertyDescriptor,a=o&&!n.call(
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 72 6e 20 74 3b 76 61 72 20 6e 3d 69 28 74 2c 73 29 3b 69 66 28 6e 29 7b 69 66 28 6e 3d 6f 28 6e 2c 74 2c 65 3d 65 3d 3d 3d 72 3f 22 64 65 66 61 75 6c 74 22 3a 65 29 2c 21 61 28 6e 29 7c 7c 63 28 6e 29 29 72 65 74 75 72 6e 20 6e 3b 74 68 72 6f 77 20 6e 65 77 20 66 28 22 43 61 6e 27 74 20 63 6f 6e 76 65 72 74 20 6f 62 6a 65 63 74 20 74 6f 20 70 72 69 6d 69 74 69 76 65 20 76 61 6c 75 65 22 29 7d 72 65 74 75 72 6e 20 75 28 74 2c 65 3d 65 3d 3d 3d 72 3f 22 6e 75 6d 62 65 72 22 3a 65 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 32 30 29 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 72 65 74 75 72 6e 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 72 3f 6e 75 6c 6c 21 3d 3d 72 3a 6e 28 72 29 7d 7d
                                                                                                                                                                                                                          Data Ascii: rn t;var n=i(t,s);if(n){if(n=o(n,t,e=e===r?"default":e),!a(n)||c(n))return n;throw new f("Can't convert object to primitive value")}return u(t,e=e===r?"number":e)}},function(r,t,e){var n=e(20);r.exports=function(r){return"object"==typeof r?null!==r:n(r)}}
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6e 61 76 69 67 61 74 6f 72 26 26 53 74 72 69 6e 67 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 7c 7c 22 22 7d 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 76 61 72 20 6f 3d 6e 28 32 39 29 2c 61 3d 6e 28 31 36 29 3b 74 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 65 3d 74 5b 65 5d 2c 61 28 65 29 3f 72 3a 6f 28 65 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 32 30 29 2c 6f 3d 65 28 33 30 29 2c 61 3d 54 79 70 65 45 72 72 6f 72 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 69 66 28 6e 28 72 29 29 72 65 74 75 72 6e 20 72 3b 74 68 72 6f 77 20 6e 65 77 20 61 28 6f 28 72 29 2b 22 20 69 73
                                                                                                                                                                                                                          Data Ascii: fined"!=typeof navigator&&String(navigator.userAgent)||""},function(t,e,n){var o=n(29),a=n(16);t.exports=function(t,e){return e=t[e],a(e)?r:o(e)}},function(r,t,e){var n=e(20),o=e(30),a=TypeError;r.exports=function(r){if(n(r))return r;throw new a(o(r)+" is
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 2c 74 29 7b 74 72 79 7b 6f 28 6e 2c 72 2c 7b 76 61 6c 75 65 3a 74 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 7d 29 7d 63 61 74 63 68 28 65 29 7b 6e 5b 72 5d 3d 74 7d 72 65 74 75 72 6e 20 74 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 31 33 29 2c 6f 3d 65 28 33 38 29 2c 61 3d 6e 28 7b 7d 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 29 3b 72 2e 65 78 70 6f 72 74 73 3d 4f 62 6a 65 63 74 2e 68 61 73 4f 77 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 29 7b 72 65 74 75 72 6e 20 61 28 6f 28 72 29 2c 74 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 31 35 29 2c 6f 3d 4f 62 6a 65 63 74 3b 72 2e 65 78 70 6f
                                                                                                                                                                                                                          Data Ascii: orts=function(r,t){try{o(n,r,{value:t,configurable:!0,writable:!0})}catch(e){n[r]=t}return t}},function(r,t,e){var n=e(13),o=e(38),a=n({}.hasOwnProperty);r.exports=Object.hasOwn||function(r,t){return a(o(r),t)}},function(r,t,e){var n=e(15),o=Object;r.expo
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 70 6f 72 74 65 64 22 29 3b 72 65 74 75 72 6e 22 76 61 6c 75 65 22 69 6e 20 65 26 26 28 72 5b 74 5d 3d 65 2e 76 61 6c 75 65 29 2c 72 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 35 29 3b 65 3d 65 28 36 29 3b 72 2e 65 78 70 6f 72 74 73 3d 6e 26 26 65 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 34 32 21 3d 3d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 22 70 72 6f 74 6f 74 79 70 65 22 2c 7b 76 61 6c 75 65 3a 34 32 2c 77 72 69 74 61 62 6c 65 3a 21 31 7d 29 2e 70 72 6f 74 6f 74 79 70 65 7d 29 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 31 39 29 2c 6f 3d 53 74 72 69 6e 67 2c 61 3d 54 79 70 65 45 72 72 6f 72
                                                                                                                                                                                                                          Data Ascii: ported");return"value"in e&&(r[t]=e.value),r}},function(r,t,e){var n=e(5);e=e(6);r.exports=n&&e((function(){return 42!==Object.defineProperty((function(){}),"prototype",{value:42,writable:!1}).prototype}))},function(r,t,e){var n=e(19),o=String,a=TypeError
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 72 6f 74 6f 74 79 70 65 3d 72 29 7d 63 61 74 63 68 28 74 29 7b 7d 72 65 74 75 72 6e 20 6e 3d 70 28 74 29 2c 69 28 6e 2c 22 73 6f 75 72 63 65 22 29 7c 7c 28 6e 2e 73 6f 75 72 63 65 3d 64 28 6d 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 22 22 29 29 2c 74 7d 3b 46 75 6e 63 74 69 6f 6e 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 3d 74 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 63 28 74 68 69 73 29 26 26 6c 28 74 68 69 73 29 2e 73 6f 75 72 63 65 7c 7c 73 28 74 68 69 73 29 7d 29 2c 22 74 6f 53 74 72 69 6e 67 22 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 35 29 2c 6f 3d 65 28 33 37 29 2c 61 3d 46 75 6e 63 74 69 6f 6e 2e 70 72 6f 74 6f 74 79 70 65 2c 63 3d 6e 26 26 4f 62 6a
                                                                                                                                                                                                                          Data Ascii: rototype=r)}catch(t){}return n=p(t),i(n,"source")||(n.source=d(m,"string"==typeof e?e:"")),t};Function.prototype.toString=t((function(){return c(this)&&l(this).source||s(this)}),"toString")},function(r,t,e){var n=e(5),o=e(37),a=Function.prototype,c=n&&Obj
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 65 78 70 6f 72 74 73 3d 65 28 6e 29 26 26 2f 6e 61 74 69 76 65 20 63 6f 64 65 2f 2e 74 65 73 74 28 53 74 72 69 6e 67 28 6e 29 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 33 33 29 2c 6f 3d 65 28 33 39 29 2c 61 3d 6e 28 22 6b 65 79 73 22 29 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 72 65 74 75 72 6e 20 61 5b 72 5d 7c 7c 28 61 5b 72 5d 3d 6f 28 72 29 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 72 2e 65 78 70 6f 72 74 73 3d 7b 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 33 37 29 2c 6f 3d 65 28 35 35 29 2c 61 3d 65 28 34 29 2c 63 3d 65 28 34 33 29 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 66 6f 72 28 76 61
                                                                                                                                                                                                                          Data Ascii: exports=e(n)&&/native code/.test(String(n))},function(r,t,e){var n=e(33),o=e(39),a=n("keys");r.exports=function(r){return a[r]||(a[r]=o(r))}},function(r,t,e){r.exports={}},function(r,t,e){var n=e(37),o=e(55),a=e(4),c=e(43);r.exports=function(r,t,e){for(va
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 70 6f 72 74 73 3d 4d 61 74 68 2e 74 72 75 6e 63 7c 7c 66 75 6e 63 74 69 6f 6e 28 72 29 7b 72 65 74 75 72 6e 28 30 3c 28 72 3d 2b 72 29 3f 6f 3a 6e 29 28 72 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 36 33 29 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 72 65 74 75 72 6e 20 6e 28 72 2e 6c 65 6e 67 74 68 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 76 61 72 20 6e 3d 65 28 36 30 29 2c 6f 3d 4d 61 74 68 2e 6d 69 6e 3b 72 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 72 65 74 75 72 6e 20 30 3c 28 72 3d 6e 28 72 29 29 3f 6f 28 72 2c 39 30 30 37 31 39 39 32 35 34 37 34 30 39 39 31 29 3a 30 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 72 2c 74 2c 65 29 7b 72 2e 65 78 70 6f 72
                                                                                                                                                                                                                          Data Ascii: ports=Math.trunc||function(r){return(0<(r=+r)?o:n)(r)}},function(r,t,e){var n=e(63);r.exports=function(r){return n(r.length)}},function(r,t,e){var n=e(60),o=Math.min;r.exports=function(r){return 0<(r=n(r))?o(r,9007199254740991):0}},function(r,t,e){r.expor


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          68192.168.2.449816104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC534OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912401.56.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FW9MSGzcX3E6AR95L1YoknA6iP48PSKeUiHxRFm%2Fk2yMHDUJsKHQh5yjtw5ppTmKR72iZzZ7qXkIQ7E3lc9t8Yf1X4RmzBJnjSXgbm8ZH9%2FoIb1feXpBWG%2Bqkc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c252fad213bb-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          69192.168.2.449815104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC796OUTGET /wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC782INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                          ETag: W/"427d6-1c9-61533396f54cd-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKQnZfFWYEs7t4FPy9J9iEzfYhwyxVWuukKUhM7aDOxafY3UFeR9gnH03xC0mhAl%2BLzxXjqQ2ghdn%2BK%2F5qM335zUugUxkFIfSAV%2B94dnLEQmJ7xI3l%2FGoPRuTs0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c252fe680766-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC464INData Raw: 31 63 39 0d 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 64 3a 28 74 2c 64 29 3d 3e 7b 66 6f 72 28 76 61 72 20 6f 20 69 6e 20 64 29 65 2e 6f 28 64 2c 6f 29 26 26 21 65 2e 6f 28 74 2c 6f 29 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 6f 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 64 5b 6f 5d 7d 29 7d 2c 6f 3a 28 65 2c 74 29 3d 3e 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 65 2c 74 29 7d 2c 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 64 28 65 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66
                                                                                                                                                                                                                          Data Ascii: 1c9/*! This file is auto-generated */(()=>{"use strict";var e={d:(t,d)=>{for(var o in d)e.o(d,o)&&!e.o(t,o)&&Object.defineProperty(t,o,{enumerable:!0,get:d[o]})},o:(e,t)=>Object.prototype.hasOwnProperty.call(e,t)},t={};function d(e){"undefined"!=typeof
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          70192.168.2.449814104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC819OUTGET /wp-content/plugins/jetpack/_inc/blocks/subscriptions/view.js?minify=false&ver=13.3.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC821INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 4115
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          ETag: "10266b-1013-615c502d80caf-gzip"
                                                                                                                                                                                                                          Last-Modified: Wed, 10 Apr 2024 21:49:20 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 4623
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fA7v6BvQlxXYzpawCLNZcfGOjWnR2e20%2FuZ69bC245Dz0Q3HaJDFDKWpbUtygJxpiEKmWFdT6HnyAgxWSC%2FwuiHtJ7%2BGWSbTaWE7m6BBLI%2FyALZRb8h6oaM%2Bk8U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c252f8c67007-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC548INData Raw: 28 28 29 3d 3e 7b 76 61 72 20 65 3d 7b 36 33 31 36 36 3a 28 65 2c 74 2c 72 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 72 2e 64 28 74 2c 7b 4b 34 3a 28 29 3d 3e 6e 7d 29 3b 6c 65 74 20 6f 3d 22 22 3b 66 75 6e 63 74 69 6f 6e 20 73 28 65 29 7b 69 66 28 22 68 74 74 70 73 3a 2f 2f 73 75 62 73 63 72 69 62 65 2e 77 6f 72 64 70 72 65 73 73 2e 63 6f 6d 22 3d 3d 3d 65 2e 6f 72 69 67 69 6e 26 26 65 2e 64 61 74 61 29 7b 63 6f 6e 73 74 20 74 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 65 2e 64 61 74 61 29 3b 69 66 28 74 26 26 74 2e 72 65 73 75 6c 74 26 26 74 2e 72 65 73 75 6c 74 2e 6a 77 74 5f 74 6f 6b 65 6e 26 26 28 6f 3d 74 2e 72 65 73 75 6c 74 2e 6a 77 74 5f 74 6f 6b 65 6e 2c 61 28 6f 29 29 2c 74 26 26 22 63 6c 6f 73 65 22 3d 3d 3d 74 2e 61 63 74 69 6f 6e 26 26 6f
                                                                                                                                                                                                                          Data Ascii: (()=>{var e={63166:(e,t,r)=>{"use strict";r.d(t,{K4:()=>n});let o="";function s(e){if("https://subscribe.wordpress.com"===e.origin&&e.data){const t=JSON.parse(e.data);if(t&&t.result&&t.result.jwt_token&&(o=t.result.jwt_token,a(o)),t&&"close"===t.action&&o
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 28 22 6d 65 6d 62 65 72 73 68 69 70 73 2d 6d 6f 64 61 6c 2d 77 69 6e 64 6f 77 22 29 3b 74 26 26 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 3b 63 6f 6e 73 74 20 72 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 61 6c 6f 67 22 29 3b 72 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 22 6d 65 6d 62 65 72 73 68 69 70 73 2d 6d 6f 64 61 6c 2d 77 69 6e 64 6f 77 22 29 3b 63 6f 6e 73 74 20 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 2c 6e 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 69 6e 70 75 74 5b 6e 61 6d 65 3d 22 6c 61 6e 67 22 5d 27 29 3b 6c 65 74 20 61 3d 6e 75 6c 6c 3b 6e 26 26 28 61 3d
                                                                                                                                                                                                                          Data Ascii: ("memberships-modal-window");t&&document.body.removeChild(t);const r=document.createElement("dialog");r.setAttribute("id","memberships-modal-window");const o=document.createElement("iframe"),n=document.querySelector('input[name="lang"]');let a=null;n&&(a=
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1369INData Raw: 3d 65 3d 3e 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 28 29 3d 3e 65 2e 64 65 66 61 75 6c 74 3a 28 29 3d 3e 65 3b 72 65 74 75 72 6e 20 72 2e 64 28 74 2c 7b 61 3a 74 7d 29 2c 74 7d 2c 72 2e 64 3d 28 65 2c 74 29 3d 3e 7b 66 6f 72 28 76 61 72 20 6f 20 69 6e 20 74 29 72 2e 6f 28 74 2c 6f 29 26 26 21 72 2e 6f 28 65 2c 6f 29 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 6f 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 74 5b 6f 5d 7d 29 7d 2c 72 2e 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 29 72 65 74 75 72 6e 20 67 6c 6f 62 61 6c 54 68 69 73 3b 74 72 79 7b 72 65 74 75 72 6e 20 74 68 69 73 7c 7c 6e 65 77
                                                                                                                                                                                                                          Data Ascii: =e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return r.d(t,{a:t}),t},r.d=(e,t)=>{for(var o in t)r.o(t,o)&&!r.o(e,o)&&Object.defineProperty(e,o,{enumerable:!0,get:t[o]})},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC829INData Raw: 5f 73 75 62 73 63 72 69 70 74 69 6f 6e 73 22 2c 70 6f 73 74 5f 61 63 63 65 73 73 5f 6c 65 76 65 6c 3a 65 2e 64 61 74 61 73 65 74 2e 70 6f 73 74 5f 61 63 63 65 73 73 5f 6c 65 76 65 6c 2c 64 69 73 70 6c 61 79 3a 22 61 6c 74 65 72 6e 61 74 65 22 7d 29 7d 28 29 7d 29 29 3b 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 2e 77 70 2d 62 6c 6f 63 6b 2d 6a 65 74 70 61 63 6b 2d 73 75 62 73 63 72 69 70 74 69 6f 6e 73 5f 5f 63 6f 6e 74 61 69 6e 65 72 20 66 6f 72 6d 22 29 2e 66 6f 72 45 61 63 68 28 28 65 3d 3e 7b 65 2e 70 61 79 6d 65 6e 74 73 5f 61 74 74 61 63 68 65 64 7c 7c 28 65 2e 70 61 79 6d 65 6e 74 73 5f 61 74 74 61 63 68 65 64 3d 21 30 2c 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 75 62 6d 69 74 22 2c 28 66
                                                                                                                                                                                                                          Data Ascii: _subscriptions",post_access_level:e.dataset.post_access_level,display:"alternate"})}()}));document.querySelectorAll(".wp-block-jetpack-subscriptions__container form").forEach((e=>{e.payments_attached||(e.payments_attached=!0,e.addEventListener("submit",(f


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          71192.168.2.449818142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912398937&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=8985 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          72192.168.2.44981935.190.80.14434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC525OUTOPTIONS /report/v4?s=8miM4L8heUM175RMoQnOOtrHeUnMRYMs8kI%2BQdC5bNn1CZgsjKRBQAtVuVZq3slMAPXfq5Ox9%2BI6qYEDJiKWGfTrGNzkR5ZGMPVRGovyATAq70em%2Fl%2Fdq8z55ww%3D HTTP/1.1
                                                                                                                                                                                                                          Host: a.nel.cloudflare.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Request-Method: POST
                                                                                                                                                                                                                          Access-Control-Request-Headers: content-type
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC336INHTTP/1.1 200 OK
                                                                                                                                                                                                                          content-length: 0
                                                                                                                                                                                                                          access-control-max-age: 86400
                                                                                                                                                                                                                          access-control-allow-methods: OPTIONS, POST
                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                          access-control-allow-headers: content-length, content-type
                                                                                                                                                                                                                          date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          73192.168.2.44982035.190.80.14434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC472OUTPOST /report/v4?s=8miM4L8heUM175RMoQnOOtrHeUnMRYMs8kI%2BQdC5bNn1CZgsjKRBQAtVuVZq3slMAPXfq5Ox9%2BI6qYEDJiKWGfTrGNzkR5ZGMPVRGovyATAq70em%2Fl%2Fdq8z55ww%3D HTTP/1.1
                                                                                                                                                                                                                          Host: a.nel.cloudflare.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 403
                                                                                                                                                                                                                          Content-Type: application/reports+json
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:27 UTC403OUTData Raw: 5b 7b 22 61 67 65 22 3a 32 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 31 35 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 36 2e 35 2e 31 30 32 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 61 64
                                                                                                                                                                                                                          Data Ascii: [{"age":2,"body":{"elapsed_time":1155,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.26.5.102","status_code":400,"type":"http.error"},"type":"network-error","url":"https://bitsum.com/wp-ad
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC168INHTTP/1.1 200 OK
                                                                                                                                                                                                                          content-length: 0
                                                                                                                                                                                                                          date: Sun, 05 May 2024 12:33:27 GMT
                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          74192.168.2.449822192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC691OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3994&rand=0.20887544996126906 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          75192.168.2.449821151.101.64.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC718OUTGET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1
                                                                                                                                                                                                                          Host: js.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1294INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 200
                                                                                                                                                                                                                          Last-Modified: Thu, 21 Dec 2023 18:13:43 GMT
                                                                                                                                                                                                                          ETag: "3437aaddcdf6922d623e172c2d6f9278"
                                                                                                                                                                                                                          Cache-Control: max-age=31536000
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                          content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                          strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                          server: Fastly
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Age: 775397
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          X-Request-ID: 016784a3-c66f-447d-9f22-4042e5112c4f
                                                                                                                                                                                                                          X-Served-By: cache-iad-kcgs7200130-IAD
                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC200INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 66 69 6e 67 65 72 70 72 69 6e 74 65 64 2f 6a 73 2f 6d 2d 6f 75 74 65 72 2d 31 35 61 32 62 34 30 61 30 35 38 64 64 66 66 31 63 66 66 64 62 36 33 37 37 39 66 65 33 64 65 31 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                          Data Ascii: <!doctype html><html><head><meta charset="utf-8"/><script defer="defer" src="https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js"></script></head><body></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          76192.168.2.449823104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC807OUTGET /wp-content/plugins/edd-multi-currency/assets/build/frontend.js?ver=1.1.1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC784INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Sat, 02 Dec 2023 11:53:57 GMT
                                                                                                                                                                                                                          ETag: W/"ff5ba-89b-60b858a34a9a2-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYREOiQbp9D%2FE4FtzvCSPBB8H0XQiJE8DsRKnAqDEeD%2FmjGXB1UzrLJT%2FN7EJyv5vHwvTNz%2FVHNiKUnT1qqA3ulNopR06L4m5Ym%2Bgo7Rfp0npHQ%2FJmhfk8PHsmU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c258ef74082e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC585INData Raw: 38 39 62 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6f 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 6f 2e 65 78 70 6f 72 74 73 2c 6f 2c 6f 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 6f 2e 6c 3d 21 30 2c 6f 2e 65 78 70 6f 72 74 73 7d 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 6e 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 72 7d 29 7d 2c 6e 2e
                                                                                                                                                                                                                          Data Ascii: 89b!function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 79 28 72 2c 22 64 65 66 61 75 6c 74 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 2c 32 26 74 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 66 6f 72 28 76 61 72 20 6f 20 69 6e 20 65 29 6e 2e 64 28 72 2c 6f 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 7d 2e 62 69 6e 64 28 6e 75 6c 6c 2c 6f 29 29 3b 72 65 74 75 72 6e 20 72 7d 2c 6e 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 6e 2e 64 28 74 2c 22 61 22 2c 74 29 2c 74 7d 2c 6e 2e 6f 3d 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: y(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=funct
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC256INData Raw: 61 64 65 64 22 2c 28 29 3d 3e 7b 63 6f 6e 73 74 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 2e 65 64 64 2d 6d 75 6c 74 69 2d 63 75 72 72 65 6e 63 79 2d 73 77 69 74 63 68 65 72 22 29 3b 65 26 26 65 2e 66 6f 72 45 61 63 68 28 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 73 65 6c 65 63 74 22 29 2c 6e 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 62 75 74 74 6f 6e 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 5d 27 29 3b 74 26 26 6e 26 26 28 6e 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 22 6e 6f 6e 65 22 2c 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 68 61 6e 67 65 22 2c 74 3d 3e 7b 65 2e 73 75 62 6d 69 74 28 29 7d 29 29 7d 29 7d 29 7d 7d 29 3b 0d
                                                                                                                                                                                                                          Data Ascii: aded",()=>{const e=document.querySelectorAll(".edd-multi-currency-switcher");e&&e.forEach(e=>{const t=e.querySelector("select"),n=e.querySelector('button[type="submit"]');t&&n&&(n.style.display="none",t.addEventListener("change",t=>{e.submit()}))})})}});
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          77192.168.2.449825104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC810OUTGET /wp-content/themes/meminz/js/plugins.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC783INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Mon, 11 Jan 2016 02:50:38 GMT
                                                                                                                                                                                                                          ETag: W/"104833-33008-5290600789b80-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B13%2Bnib5RjhPNqAY0go23WDHBXFQgfFa4Mb5cPDtMpqw%2BwoapTHb055i1gxwD0IpkQAo%2F9JxftPXw1CzWxQWEEXPEmJlfQklc1iuZO8Wy3YnHyZRt%2BHOX66s04U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c258e874079c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC586INData Raw: 37 63 61 34 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 32 2e 30 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 34 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 0a 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 42 6f 6f 74 73 74 72 61 70 27 73 20 4a 61 76 61 53 63 72 69 70 74 20 72 65 71 75 69 72 65 73 20 6a
                                                                                                                                                                                                                          Data Ascii: 7ca4/*! * Bootstrap v3.2.0 (http://getbootstrap.com) * Copyright 2011-2014 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires j
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 28 62 29 7b 76 61 72 20 63 3d 21 31 2c 64 3d 74 68 69 73 3b 61 28 74 68 69 73 29 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 3d 21 30 7d 29 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 7c 7c 61 28 64 29 2e 74 72 69 67 67 65 72 28 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 2e 65 6e 64 29 7d 3b 72 65 74 75 72 6e 20 73 65 74 54 69 6d 65 6f 75 74 28 65 2c 62 29 2c 74 68 69 73 7d 2c 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 3d 62 28 29 2c 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 26 26 28 61 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 2e 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3d 7b 62 69 6e 64
                                                                                                                                                                                                                          Data Ascii: (b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transition&&(a.event.special.bsTransitionEnd={bind
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 6e 20 62 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 61 28 74 68 69 73 29 2c 65 3d 64 2e 64 61 74 61 28 22 62 73 2e 62 75 74 74 6f 6e 22 29 2c 66 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 3b 65 7c 7c 64 2e 64 61 74 61 28 22 62 73 2e 62 75 74 74 6f 6e 22 2c 65 3d 6e 65 77 20 63 28 74 68 69 73 2c 66 29 29 2c 22 74 6f 67 67 6c 65 22 3d 3d 62 3f 65 2e 74 6f 67 67 6c 65 28 29 3a 62 26 26 65 2e 73 65 74 53 74 61 74 65 28 62 29 7d 29 7d 76 61 72 20 63 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 64 29 7b 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 3d 61 28 62 29 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 3d 61 2e 65 78 74 65 6e 64 28 7b 7d 2c 63 2e 44 45 46 41 55 4c 54 53 2c 64 29 2c 74
                                                                                                                                                                                                                          Data Ascii: n b(b){return this.each(function(){var d=a(this),e=d.data("bs.button"),f="object"==typeof b&&b;e||d.data("bs.button",e=new c(this,f)),"toggle"==b?e.toggle():b&&e.setState(b)})}var c=function(b,d){this.$element=a(b),this.options=a.extend({},c.DEFAULTS,d),t
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 7d 28 6a 51 75 65 72 79 29 2c 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 62 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 61 28 74 68 69 73 29 2c 65 3d 64 2e 64 61 74 61 28 22 62 73 2e 63 61 72 6f 75 73 65 6c 22 29 2c 66 3d 61 2e 65 78 74 65 6e 64 28 7b 7d 2c 63 2e 44 45 46 41 55 4c 54 53 2c 64 2e 64 61 74 61 28 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 29 2c 67 3d 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 62 3f 62 3a 66 2e 73 6c 69 64 65 3b 65 7c 7c 64 2e 64 61 74 61 28 22 62 73 2e 63 61 72 6f 75 73 65 6c 22 2c 65 3d 6e 65 77 20 63 28 74 68 69 73 2c 66 29 29 2c 22 6e 75 6d 62 65 72 22 3d 3d
                                                                                                                                                                                                                          Data Ascii: }(jQuery),+function(a){"use strict";function b(b){return this.each(function(){var d=a(this),e=d.data("bs.carousel"),f=a.extend({},c.DEFAULTS,d.data(),"object"==typeof b&&b),g="string"==typeof b?b:f.slide;e||d.data("bs.carousel",e=new c(this,f)),"number"==
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 2e 6c 65 6e 67 74 68 2d 31 7c 7c 30 3e 62 3f 76 6f 69 64 20 30 3a 74 68 69 73 2e 73 6c 69 64 69 6e 67 3f 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 6f 6e 65 28 22 73 6c 69 64 2e 62 73 2e 63 61 72 6f 75 73 65 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 2e 74 6f 28 62 29 7d 29 3a 64 3d 3d 62 3f 74 68 69 73 2e 70 61 75 73 65 28 29 2e 63 79 63 6c 65 28 29 3a 74 68 69 73 2e 73 6c 69 64 65 28 62 3e 64 3f 22 6e 65 78 74 22 3a 22 70 72 65 76 22 2c 61 28 74 68 69 73 2e 24 69 74 65 6d 73 5b 62 5d 29 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 70 61 75 73 65 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 7c 7c 28 74 68 69 73 2e 70 61 75 73 65 64 3d 21 30 29 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 66 69 6e 64 28 22 2e 6e 65 78 74 2c 20 2e 70 72
                                                                                                                                                                                                                          Data Ascii: .length-1||0>b?void 0:this.sliding?this.$element.one("slid.bs.carousel",function(){c.to(b)}):d==b?this.pause().cycle():this.slide(b>d?"next":"prev",a(this.$items[b]))},c.prototype.pause=function(b){return b||(this.paused=!0),this.$element.find(".next, .pr
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5b 62 2c 67 5d 2e 6a 6f 69 6e 28 22 20 22 29 29 2e 61 64 64 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 2c 64 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5b 22 61 63 74 69 76 65 22 2c 67 5d 2e 6a 6f 69 6e 28 22 20 22 29 29 2c 69 2e 73 6c 69 64 69 6e 67 3d 21 31 2c 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 2e 24 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 28 6d 29 7d 2c 30 29 7d 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 31 65 33 2a 64 2e 63 73 73 28 22 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 22 29 2e 73 6c 69 63 65 28 30 2c 2d 31 29 29 29 3a 28 64 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd",function(){e.removeClass([b,g].join(" ")).addClass("active"),d.removeClass(["active",g].join(" ")),i.sliding=!1,setTimeout(function(){i.$element.trigger(m)},0)}).emulateTransitionEnd(1e3*d.css("transition-duration").slice(0,-1))):(d.removeClass("activ
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 70 61 72 65 6e 74 29 29 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 74 6f 67 67 6c 65 26 26 74 68 69 73 2e 74 6f 67 67 6c 65 28 29 7d 3b 63 2e 56 45 52 53 49 4f 4e 3d 22 33 2e 32 2e 30 22 2c 63 2e 44 45 46 41 55 4c 54 53 3d 7b 74 6f 67 67 6c 65 3a 21 30 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 69 6d 65 6e 73 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 77 69 64 74 68 22 29 3b 72 65 74 75 72 6e 20 61 3f 22 77 69 64 74 68 22 3a 22 68 65 69 67 68 74 22 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 73 68 6f 77 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 74 68 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 26 26 21 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43
                                                                                                                                                                                                                          Data Ascii: parent)),this.options.toggle&&this.toggle()};c.VERSION="3.2.0",c.DEFAULTS={toggle:!0},c.prototype.dimension=function(){var a=this.$element.hasClass("width");return a?"width":"height"},c.prototype.show=function(){if(!this.transitioning&&!this.$element.hasC
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 28 22 68 69 64 64 65 6e 2e 62 73 2e 63 6f 6c 6c 61 70 73 65 22 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 69 6e 67 22 29 2e 61 64 64 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 65 22 29 7d 3b 72 65 74 75 72 6e 20 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 3f 76 6f 69 64 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 5b 63 5d 28 30 29 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 61 2e 70 72 6f 78 79 28 64 2c 74 68 69 73 29 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 33 35 30 29 3a 64 2e 63 61 6c 6c 28 74 68 69 73 29 7d 7d 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 67 67 6c 65 3d 66 75 6e 63 74 69 6f 6e 28
                                                                                                                                                                                                                          Data Ascii: ,this.$element.trigger("hidden.bs.collapse").removeClass("collapsing").addClass("collapse")};return a.support.transition?void this.$element[c](0).one("bsTransitionEnd",a.proxy(d,this)).emulateTransitionEnd(350):d.call(this)}}},c.prototype.toggle=function(
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 61 28 74 68 69 73 29 2c 64 3d 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 29 3b 64 7c 7c 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 2c 64 3d 6e 65 77 20 67 28 74 68 69 73 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 64 5b 62 5d 2e 63 61 6c 6c 28 63 29 7d 29 7d 76 61 72 20 65 3d 22 2e 64 72 6f 70 64 6f 77 6e 2d 62 61 63 6b 64 72 6f 70 22 2c 66 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 64 72 6f 70 64 6f 77 6e 22 5d 27 2c 67 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 61 28 62 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 22 2c 74 68 69 73 2e 74 6f 67 67 6c 65 29 7d 3b 67 2e
                                                                                                                                                                                                                          Data Ascii: {return this.each(function(){var c=a(this),d=c.data("bs.dropdown");d||c.data("bs.dropdown",d=new g(this)),"string"==typeof b&&d[b].call(c)})}var e=".dropdown-backdrop",f='[data-toggle="dropdown"]',g=function(b){a(b).on("click.bs.dropdown",this.toggle)};g.
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 62 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 22 2e 64 72 6f 70 64 6f 77 6e 20 66 6f 72 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 7d 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 66 2c 67 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 67 67 6c 65 29 2e 6f 6e 28 22 6b 65 79 64 6f 77 6e 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 2e 64 61 74 61 2d 61 70 69 22 2c 66 2b 27 2c 20 5b 72 6f 6c 65 3d 22 6d 65 6e 75 22 5d 2c 20 5b 72 6f 6c 65 3d 22 6c 69 73 74 62 6f 78 22 5d 27 2c 67 2e 70 72 6f 74
                                                                                                                                                                                                                          Data Ascii: ent).on("click.bs.dropdown.data-api",b).on("click.bs.dropdown.data-api",".dropdown form",function(a){a.stopPropagation()}).on("click.bs.dropdown.data-api",f,g.prototype.toggle).on("keydown.bs.dropdown.data-api",f+', [role="menu"], [role="listbox"]',g.prot


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          78192.168.2.449824104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC785OUTGET /wp-content/themes/meminz/js/custom.js?ver=20231102 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC848INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Content-Length: 5705
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cf-Bgj: minify
                                                                                                                                                                                                                          Cf-Polished: origSize=10363
                                                                                                                                                                                                                          ETag: "10482b-287b-6093437b2b8bd-gzip"
                                                                                                                                                                                                                          Last-Modified: Fri, 03 Nov 2023 00:02:17 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 4624
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMWQakqBhc2iBBge4Tef88G%2Bee4gzyWh%2B%2F9Bsj6nbqGizXC8qMCuZuVrDydRkJImv0DspLIhsChHfrHjm3sLZjxL27vBapvjXgInSx1BVAmH3TV%2Fh9wyl1up18k%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c258fb696fd4-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC521INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 24 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 24 2e 66 6e 2e 73 63 72 6f 6c 6c 54 6f 3d 66 75 6e 63 74 69 6f 6e 28 6f 70 74 69 6f 6e 73 29 7b 76 61 72 20 73 65 74 74 69 6e 67 73 3d 7b 6f 66 66 73 65 74 3a 2d 36 30 2c 73 70 65 65 64 3a 27 73 6c 6f 77 27 2c 6f 76 65 72 72 69 64 65 3a 6e 75 6c 6c 2c 65 61 73 69 6e 67 3a 6e 75 6c 6c 7d 3b 69 66 28 6f 70 74 69 6f 6e 73 29 7b 69 66 28 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 29 7b 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3d 28 6f 76 65 72 72 69 64 65 28 27 23 27 29 21 3d 2d 31 29 3f 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3a 27 23 27 2b 6f 70 74 69 6f 6e 73 2e 6f 76 65 72 72 69 64 65 3b 7d 0a 24 2e 65 78 74 65 6e 64 28 73 65 74 74 69 6e 67 73 2c 6f 70 74 69
                                                                                                                                                                                                                          Data Ascii: (function($){'use strict';$.fn.scrollTo=function(options){var settings={offset:-60,speed:'slow',override:null,easing:null};if(options){if(options.override){options.override=(override('#')!=-1)?options.override:'#'+options.override;}$.extend(settings,opti
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 29 3b 24 28 27 68 74 6d 6c 2c 62 6f 64 79 27 29 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 73 63 72 6f 6c 6c 54 6f 70 3a 24 28 69 64 54 6f 4c 6f 6f 6b 41 74 29 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2b 73 65 74 74 69 6e 67 73 2e 6f 66 66 73 65 74 7d 2c 73 65 74 74 69 6e 67 73 2e 73 70 65 65 64 2c 73 65 74 74 69 6e 67 73 2e 65 61 73 69 6e 67 29 3b 7d 65 6c 73 65 7b 24 28 27 68 74 6d 6c 2c 62 6f 64 79 27 29 2e 73 74 6f 70 28 29 2e 61 6e 69 6d 61 74 65 28 7b 73 63 72 6f 6c 6c 54 6f 70 3a 24 28 69 64 54 6f 4c 6f 6f 6b 41 74 29 2e 6f 66 66 73 65 74 28 29 2e 74 6f 70 2b 73 65 74 74 69 6e 67 73 2e 6f 66 66 73 65 74 7d 2c 73 65 74 74 69 6e 67 73 2e 73 70 65 65 64 2c 73 65 74 74 69 6e 67 73 2e 65 61 73 69 6e 67 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 77 69
                                                                                                                                                                                                                          Data Ascii: );$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing);}else{$('html,body').stop().animate({scrollTop:$(idToLookAt).offset().top+settings.offset},settings.speed,settings.easing,function(e){wi
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 69 50 68 6f 6e 65 7c 69 50 61 64 7c 69 50 6f 64 2f 69 29 3b 7d 2c 4f 70 65 72 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 4f 70 65 72 61 20 4d 69 6e 69 2f 69 29 3b 7d 2c 57 69 6e 64 6f 77 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 6d 61 74 63 68 28 2f 49 45 4d 6f 62 69 6c 65 2f 69 29 3b 7d 2c 61 6e 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 41 6e 64 72 6f 69 64 28 29 7c 7c 61 2e 42 6c 61 63 6b 42 65 72 72 79 28 29 7c 7c 61 2e 69 4f 53 28 29 7c 7c 61 2e
                                                                                                                                                                                                                          Data Ascii: (){return navigator.userAgent.match(/iPhone|iPad|iPod/i);},Opera:function(){return navigator.userAgent.match(/Opera Mini/i);},Windows:function(){return navigator.userAgent.match(/IEMobile/i);},any:function(){return a.Android()||a.BlackBerry()||a.iOS()||a.
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 64 69 72 65 63 74 69 6f 6e 4e 61 76 3a 66 61 6c 73 65 7d 3b 69 6d 61 63 2e 66 6c 65 78 73 6c 69 64 65 72 28 7b 73 6c 69 64 65 73 68 6f 77 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6c 69 64 65 73 68 6f 77 2c 61 6e 69 6d 61 74 69 6f 6e 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 61 6e 69 6d 61 74 69 6f 6e 2c 64 69 72 65 63 74 69 6f 6e 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 64 69 72 65 63 74 69 6f 6e 2c 73 6d 6f 6f 74 68 48 65 69 67 68 74 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6d 6f 6f 74 68 48 65 69 67 68 74 2c 73 6c 69 64 65 73 68 6f 77 53 70 65 65 64 3a 69 6d 61 63 5f 6f 70 74 69 6f 6e 73 44 61 74 61 2e 73 6c 69 64 65 73 68 6f 77 53 70 65 65 64 2c 64 69 72 65 63 74 69 6f 6e 4e 61 76 3a 69 6d 61 63
                                                                                                                                                                                                                          Data Ascii: directionNav:false};imac.flexslider({slideshow:imac_optionsData.slideshow,animation:imac_optionsData.animation,direction:imac_optionsData.direction,smoothHeight:imac_optionsData.smoothHeight,slideshowSpeed:imac_optionsData.slideshowSpeed,directionNav:imac
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1077INData Raw: 67 54 79 70 65 3a 27 65 61 73 65 4f 75 74 51 75 61 72 74 27 7d 29 3b 24 28 22 61 2e 7a 6f 6f 6d 3a 66 69 72 73 74 5b 64 61 74 61 2d 70 72 65 74 74 79 5e 3d 27 70 72 65 74 74 79 50 68 6f 74 6f 27 5d 22 29 2e 70 72 65 74 74 79 50 68 6f 74 6f 28 7b 61 6e 69 6d 61 74 69 6f 6e 5f 73 70 65 65 64 3a 27 6e 6f 72 6d 61 6c 27 2c 74 68 65 6d 65 3a 27 70 70 5f 64 65 66 61 75 6c 74 27 2c 73 6c 69 64 65 73 68 6f 77 3a 33 30 30 30 2c 61 75 74 6f 70 6c 61 79 5f 73 6c 69 64 65 73 68 6f 77 3a 66 61 6c 73 65 7d 29 3b 24 28 22 61 2e 7a 6f 6f 6d 3a 67 74 28 30 29 5b 64 61 74 61 2d 70 72 65 74 74 79 5e 3d 27 70 72 65 74 74 79 50 68 6f 74 6f 27 5d 22 29 2e 70 72 65 74 74 79 50 68 6f 74 6f 28 7b 61 6e 69 6d 61 74 69 6f 6e 5f 73 70 65 65 64 3a 27 66 61 73 74 27 2c 73 6c 69 64 65
                                                                                                                                                                                                                          Data Ascii: gType:'easeOutQuart'});$("a.zoom:first[data-pretty^='prettyPhoto']").prettyPhoto({animation_speed:'normal',theme:'pp_default',slideshow:3000,autoplay_slideshow:false});$("a.zoom:gt(0)[data-pretty^='prettyPhoto']").prettyPhoto({animation_speed:'fast',slide


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          79192.168.2.449826104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC844OUTGET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC985INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: image/webp
                                                                                                                                                                                                                          Content-Length: 10546
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: origFmt=png, origSize=15142
                                                                                                                                                                                                                          Content-Disposition: inline; filename="30dayrefund-e1605890583229.webp"
                                                                                                                                                                                                                          ETag: "fdfc6-3b26-5b48c89c94beb"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:04:20 GMT
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Nov 2020 16:43:03 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 1748
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHYtqfRxi3XXe7qizyF2ezN0%2BfFinG8N2xVZX2Y9LEQy2ad69n4SEOMVtIDOINLY891g67%2B%2F7mY%2FqXqfuqTXpP1jpxokMdU1En1fLFaIOmmlYhAEZkxyQWfjvmE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c258f9645b04-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC384INData Raw: 52 49 46 46 2a 29 00 00 57 45 42 50 56 50 38 4c 1e 29 00 00 2f 2b 01 41 10 75 86 e3 b6 91 1c 49 ca 3f ec 31 55 bd 7b e6 1b 11 13 c0 2f ed 03 dc 0f 79 3b 60 da 32 ef d8 9c 00 61 c0 6e 0b ae 00 b3 5c 3a 1e 71 8f db c4 3d 98 26 9c e0 8e d4 7a 09 59 50 3a 7d 03 41 05 57 14 57 72 97 bc b1 a2 22 d0 43 54 54 dc 23 55 cf ec 64 00 8f 48 5d 39 21 93 ae 2c ff a5 25 ea ff cf 58 93 ce 79 5e 0c da 76 f7 d8 b6 b9 eb dd 68 67 6b 67 cf ec 7a 39 b6 6d db b6 6d db 36 ee 7b 4e 55 fe bf 24 f7 fe f3 cf 5d 4d 27 55 95 54 04 05 68 ff d7 a7 cd 25 41 ff 0c 77 38 a7 8a 1d d4 8b d4 5d b0 ba b7 8c 1a 52 77 77 77 03 8e 21 73 5f 46 dd 38 b2 d0 5c 57 d7 d4 25 c5 29 2e 11 e4 ff 7f 1d b1 6d e3 48 f2 ee f5 5e 76 27 c9 94 cc d7 1b b6 6d d3 94 46 db b6 2c c7 75 15 55 42 21 83 10 e4 c6 2e 69
                                                                                                                                                                                                                          Data Ascii: RIFF*)WEBPVP8L)/+AuI?1U{/y;`2an\:q=&zYP:}AWWr"CTT#UdH]9!,%Xy^vhgkgz9mm6{NU$]M'UTh%Aw8]Rwww!s_F8\W%).mH^v'mF,uUB!.i
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 31 b3 07 e3 7a bf b2 fa 57 17 26 e5 be 65 91 32 6f 26 4c eb d5 7e 61 a1 d0 43 04 db 08 82 33 8b 75 9a 34 5b 91 2c 01 f4 02 22 fa 46 42 04 5b 11 7a 50 f4 34 cc a5 d2 a9 55 64 4e fa 0d 90 59 40 8f 29 59 c2 15 91 7e 33 a6 df a2 39 5b b5 74 d2 58 f4 33 c6 6c a7 69 5a f9 41 af b1 82 48 6f a6 29 59 ec e7 32 0c e3 c6 8b 94 6c 45 56 e1 2f 73 f9 2d 6a 94 d8 cb 70 f1 df b4 14 89 d6 34 56 0b 04 50 23 90 0e c5 92 e7 f5 16 19 42 2d 70 c1 4a 92 c7 44 2c e5 01 8f 3e c6 42 a6 a9 2a 4d 0a c4 f2 33 d0 55 e2 14 4a e7 84 50 a3 db 86 ac d6 1b 4d 53 55 4c 16 f6 24 64 2c 23 b8 d2 4c 81 34 d2 a9 9d 1a 89 5d 30 8d 53 20 1a ae 11 9b b1 b7 e0 6d af 4b 0e 18 ed 9b e4 eb 92 aa 03 7b a6 ad d4 b1 0a 1b 51 f6 bb 64 2f ef 9e 82 b5 3c 22 26 ad ae 9b ce 65 89 50 af a7 3d d4 b8 ad 6c 67 4d
                                                                                                                                                                                                                          Data Ascii: 1zW&e2o&L~aC3u4[,"FB[zP4UdNY@)Y~39[tX3liZAHo)Y2lEV/s-jp4VP#B-pJD,>B*M3UJPMSUL$d,#L4]0S mK{Qd/<"&eP=lgM
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 7f dd 31 1e b0 58 c1 b6 74 d0 3e a6 6e 69 20 8d 0e c5 f1 22 9e 25 bb 27 89 c6 07 3e 65 43 12 43 42 ea 51 61 63 8a 78 b5 c4 9a 92 58 94 6f 8f c1 81 9f 38 55 30 17 08 91 4d 5f 93 2a b9 6a 61 7e 0d 87 93 83 c1 b3 cf a1 7c 37 0c 70 13 a1 df d5 69 80 0f 2c d7 c3 22 a1 77 e7 3b 9a 4a c1 20 a9 60 a1 22 b6 82 cc a6 45 95 b4 5a ae 8b c7 bf b1 70 63 15 39 04 f4 4c 07 79 f5 8d fd a3 25 94 11 1f 73 76 10 c5 10 14 31 2a 7b e9 fb b5 d7 15 51 f9 93 1b fc 77 2d 7a 6d 9c 04 03 3f 73 d6 c2 17 23 01 d3 fe 91 ef 9c ea 89 49 ed 38 ca f7 48 6b b6 20 b6 c5 09 2a 31 17 66 a9 b3 f2 14 51 d3 28 65 6a ba 3a 4e ce 8c 92 40 8b 70 9f 74 10 63 88 01 ee 6b 71 9c 9d ae 07 c4 b8 53 7d 1c 2e 2c ab 6e ee 45 35 f2 8f fc 44 3d 39 fb 99 6f 56 d0 be 3f d9 f9 d6 3a ef c7 88 e3 a2 e5 3c 9b 4e 27
                                                                                                                                                                                                                          Data Ascii: 1Xt>ni "%'>eCCBQacxXo8U0M_*ja~|7pi,"w;J `"EZpc9Ly%sv1*{Qw-zm?s#I8Hk *1fQ(ej:N@ptckqS}.,nE5D=9oV?:<N'
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 32 2b fd aa b5 8f 73 8f 1a 00 65 ef c6 be d5 43 0b 03 7b 98 75 f8 5b 6e 42 01 1c 68 14 f2 22 8e e6 a5 1c 81 c5 de 58 40 d4 a7 14 d7 b8 93 61 46 9b e3 ec a3 a6 3d 3e 66 53 5d a4 fe 39 23 f6 2b e8 0e b4 7f c8 45 8d 3c eb 6c 5f 9a 04 88 38 80 34 cf 12 bf 62 96 e9 a5 1c 4d 84 bc ae 3a 66 25 30 24 f0 72 ff da 26 02 4a e1 3a d4 62 e6 be 14 66 e8 9b 17 b7 7f 7d 03 69 1c 35 19 b2 ca 99 6e f8 b0 ac ff eb 56 b0 e7 0f 59 fe 70 0d 54 89 db 5b c3 ac 79 cb ea db 00 0d bf 1e 17 0a 94 64 30 ab d0 9c c7 80 41 42 57 1f 88 9b 27 c1 46 be 8a ad 59 65 26 90 86 cd 49 d5 03 46 0c c0 e8 fd 9c e7 f8 6c 24 70 25 36 99 49 d4 1b c7 1a cc 8c cc d5 37 7c ec f4 95 58 e4 4a a0 dc c6 e2 05 1d c4 ae b8 f6 d5 60 f4 ae dc e4 94 3f d7 29 2c 39 1e 47 e3 09 b7 ce da 54 4e a4 3f c2 a7 ad 9c 8a
                                                                                                                                                                                                                          Data Ascii: 2+seC{u[nBh"X@aF=>fS]9#+E<l_84bM:f%0$r&J:bf}i5nVYpT[yd0ABW'FYe&IFl$p%6I7|XJ`?),9GTN?
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: df 52 2e 8c 5c 8f 82 4d 2b 47 e8 81 92 b0 3b 57 d5 0b 7c f3 2d 2e 01 31 eb 26 2f ba 2b 3d cc f3 69 b6 bd 29 88 e0 38 fc d6 9a 69 6a 39 99 83 a6 4d 16 01 84 9c ab bf 7c f3 82 43 c4 49 cf f3 95 fb 4a 83 a9 72 7c 91 90 8f 29 4d 89 39 24 90 b4 e8 1d bd b9 93 cb f3 39 8c 9a ac 43 23 ac 29 71 3e 7f a5 c9 9a 2b 03 47 8c 2b ad a2 f1 e9 f0 75 56 57 80 28 df b1 ad 87 1f fc e1 c7 60 da a7 81 40 12 87 7f 32 d5 2a 0a ad 8e fd f1 02 61 a6 37 ed 7c bb 8a 32 ef 0a be 16 35 72 72 f4 16 c8 02 49 b7 87 c8 bf 4e 10 88 17 55 b8 06 c4 81 af 74 70 83 8a 02 b1 bd cf a3 a9 e4 20 56 16 47 85 46 32 f2 7b e5 ec 68 e0 63 78 5b e1 f0 45 4e 47 97 45 91 03 3b 53 27 c7 05 ec 50 cb 9e 08 ba 23 64 79 3c 67 38 f5 d1 fe 3a d5 fa 42 93 ee a4 13 6b c6 5d dd 25 d0 f0 4c 87 70 38 83 9e 87 5b 0b
                                                                                                                                                                                                                          Data Ascii: R.\M+G;W|-.1&/+=i)8ij9M|CIJr|)M9$9C#)q>+G+uVW(`@2*a7|25rrINUtp VGF2{hcx[ENGE;S'P#dy<g8:Bk]%Lp8[
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 9e 91 ec 5e 7a 0e bc 9a d1 48 49 cd 0c f9 cc 05 73 e0 45 40 f2 df 2c 47 ec 80 a1 f1 a4 c4 4a c8 31 dc 11 71 3d d0 bd 8c e0 7c f3 62 61 38 63 c1 03 4b 0e 1d 8f 36 e3 f2 af fb 2c 13 d7 a7 65 37 88 87 8c 54 b3 a5 6d ab b9 5e 8a 0a 8f cb 6c ab 4b 89 24 c6 4a a7 b9 08 82 c2 ce 15 da 44 15 53 13 5f 37 f2 bc 24 52 b0 f6 1b 03 99 d9 db ec 7c bc 6e 50 f1 a4 ab 6a dd 8a af bd ac b3 4e 0f 07 ff 4d 19 86 7e 8a 37 81 e0 ae 56 d5 78 d7 52 1d df d8 ab 8a 2d 1f 84 09 ff c2 85 60 f5 20 0a 9e 2f c8 6b 3e b9 63 8e 8e 93 f9 34 53 cc 3f d7 3c 10 21 81 e9 53 9a fd c1 04 23 2e d3 be 20 ba 9c e6 2c 92 05 76 d5 1c 31 01 c3 12 af 4b 04 71 c9 b7 a9 c3 de d1 e9 40 56 af 43 fd c0 73 f3 eb 30 27 73 58 fa b5 be b5 db 1f c9 fe ff fe 26 ea dc bc 4c 39 a3 bb 95 cb a4 1f 5b 5a 6a 77 42 d9
                                                                                                                                                                                                                          Data Ascii: ^zHIsE@,GJ1q=|ba8cK6,e7Tm^lK$JDS_7$R|nPjNM~7VxR-` /k>c4S?<!S#. ,v1Kq@VCs0'sX&L9[ZjwB
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 05 86 1a 19 6c bb 41 e9 64 41 90 08 63 cf b1 63 b7 c1 a5 0e 41 2c 77 05 55 b4 d1 58 a3 67 f7 c6 24 e0 28 4e 89 ae 6a 60 ac 9a cb 3e 13 20 06 19 bd cc a0 1b 22 1e 49 10 fa 52 6c 21 6e e5 26 fa f1 45 95 17 c9 3e c3 17 b8 58 e9 a6 55 30 96 bc 6c 85 a5 58 e8 ab e9 00 4b 39 d6 07 3b 2f 79 d3 7c 52 e8 97 d5 a7 51 41 97 12 71 1c 3b 3a 28 88 dc ca 73 48 05 36 81 c1 56 3f ee cf 87 f7 cd 0d 83 c8 9d ac ed bd cb 62 40 40 a2 8e 3a f9 69 0c 6b ef 5b e6 15 8f bc 3e 37 50 32 e6 27 27 47 a3 40 80 98 32 3b 83 af 13 c0 77 a2 6f 66 f4 8b 35 66 3e b6 82 03 54 9e 44 6e 77 c7 b6 15 e1 6b d2 c8 92 13 68 58 26 83 61 c9 55 e7 74 6e 63 24 8c ae 67 45 4d 36 84 8b 3c f2 30 f9 c9 1d c4 d6 c1 06 fc 1a d0 8c f0 0a 47 31 c3 37 30 2f 49 90 05 41 ab ec 8e 0f c2 70 32 91 c6 27 b4 b6 c8 57
                                                                                                                                                                                                                          Data Ascii: lAdAccA,wUXg$(Nj`> "IRl!n&E>XU0lXK9;/y|RQAq;:(sH6V?b@@:ik[>7P2''G@2;wof5f>TDnwkhX&aUtnc$gEM6<0G170/IAp2'W
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 47 89 72 32 09 2f fd 2f 31 e6 2c 18 b0 8b 72 01 a5 32 9d 33 ff a1 65 4a 26 bb 90 94 49 d7 b6 14 19 a4 49 7b 7b 99 f3 60 c2 f1 cd 9e 01 d8 df 8d 64 7f 26 93 22 e5 fa 72 06 7f e3 cc 76 37 06 c3 af ca cf ad 1d 02 e8 61 2e af af 9d bf a3 0d fb 51 6c 47 73 8d 80 a8 2b 65 37 9c a9 80 c1 cf 76 28 e2 d7 ef 74 8f 7d 99 72 c8 49 fc 8a d3 01 3e ad 87 d0 38 3d cf 62 38 37 0e 8c 59 bb ad fd c7 4f 77 03 46 fd 82 9b 3d f1 6d 5a c4 2a 4e 77 fa 59 ae 48 99 72 c8 e1 47 d7 2a 8d a3 6b 45 31 80 28 a7 bc c7 6a ca e7 33 24 62 4f bc 7e bc 5b 1e 3a e5 f3 4f a2 40 7e 96 5d cd 27 ca 38 9d 45 ed b5 a9 cd 4d a8 8c 39 2f 59 ab 9e ce cc 5e 79 d1 c1 6a a6 39 92 9c 66 84 4c 73 3f d0 59 fb 41 33 51 ef fb 5a d1 b2 c4 0d b1 47 94 5b ef 67 5e a2 b0 39 cd fd be 69 f1 ce 4e ac 7b 62 77 ff da
                                                                                                                                                                                                                          Data Ascii: Gr2//1,r23eJ&II{{`d&"rv7a.QlGs+e7v(t}rI>8=b87YOwF=mZ*NwYHrG*kE1(j3$bO~[:O@~]'8EM9/Y^yj9fLs?YA3QZG[g^9iN{bw
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC579INData Raw: 2b 34 ba 27 4b ba 65 72 e2 10 93 1c f3 58 59 83 ad 1f c3 92 0d be 27 87 b2 8d f3 95 9c 51 ba 2c f7 34 90 96 d7 58 50 ee 79 a0 b0 b5 81 8a 9a d2 6a d1 1c c9 16 76 84 1d d5 1a 9a e1 d0 42 bb 2f 5e ef 0f 2c f5 fe f9 49 1a b0 45 97 1d 2c 86 81 8c a3 01 32 28 a9 a9 ec 62 5b f2 f9 22 11 66 16 e9 46 d3 63 d4 6a c0 b0 87 d7 55 b7 de 70 25 01 cd ef 9e 3e 62 00 70 85 36 0d fb b3 c8 30 52 d4 f1 c6 68 0d 7a 31 4d 7b ac e4 60 83 4b 86 64 7f c3 c1 d2 bc b4 41 12 08 48 ce 43 8e 0f 43 a7 1b 39 36 55 d8 b0 ac 45 eb 0e 9c be dc 2d 38 d0 ac bb bd a7 03 ee 45 59 7e f1 04 4d 7a 23 7b 69 5a 85 5e b4 6b 2c 16 32 78 44 46 2e f5 5f 92 3a 5d df 27 98 4c 4a 6a ce 18 31 38 44 02 35 d2 6a 54 cc 92 6f 33 65 a6 90 34 2b d5 d2 6e aa 5b a7 73 09 16 5a b5 9b ec d6 a0 54 33 29 61 39 b2 47
                                                                                                                                                                                                                          Data Ascii: +4'KerXY'Q,4XPyjvB/^,IE,2(b["fFcjUp%>bp60Rhz1M{`KdAHCC96UE-8EY~Mz#{iZ^k,2xDF._:]'LJj18D5jTo3e4+n[sZT3)a9G


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          80192.168.2.449827104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC557OUTGET /wp-content/uploads/bitsum_logo_transparent.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC890INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:28 GMT
                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                          Content-Length: 2914
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: status=not_needed
                                                                                                                                                                                                                          ETag: "fc9c7-b62-5477ff47bc7e3"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:33:28 GMT
                                                                                                                                                                                                                          Last-Modified: Wed, 01 Feb 2017 22:56:11 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBd6cG7u%2BWtMWiGhkaTKa5nfH29g2KWFNo6GU87w0KpiN2UqUk39xCTAXknmz86YuHPyquL5kcv4mEu18warl90ArA0dFZajhxjuXKABL6qMYL3ppsHNRT4uUtg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c25abebb81f1-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC479INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 11 00 00 00 64 08 03 00 00 00 96 d2 f4 7a 00 00 02 10 50 4c 54 45 00 00 00 ff ff ff fb fe fa ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 82 c2 32 a7 d4 6f d9 ed c4 8d c7 40 94 cb 4f af d8 7d e6 f3 d9 88 c4 37 d1 e9 b6 ca e5 af e3 f2 d7 72 bd 35 d0 ea c0 ff ff ff 86 c4 3c ff ff ff a1 d1 64 b9 dd 90 c7 e4 a8 da ef cf ea f5 e1 ac d6 76 ff ff ff 7b be 25 b4 da 84 c2 e1 9b c6 e3 a1 ca e8 bd eb f5 dc 81 c1 2d ff ff ff 54 bf 60 6f c2 56 9a cd 58 ff ff ff ff ff ff ff ff ff 73 be 3d 83 c4 43 ff ff ff ff ff ff 87 d0 83 b8 dc 88 ff ff ff ff ff ff 2d b0 3d 7f c1 39 4d b7 3d ff ff ff ff ff ff 8e
                                                                                                                                                                                                                          Data Ascii: PNGIHDRdzPLTE2o@O}7r5<dv{%-T`oVXs=C-=9M=
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1369INData Raw: 3e b4 44 76 be 39 8e c8 49 78 c0 3c 7d bf 26 dd ee c5 94 d8 a3 c1 e0 93 aa d5 75 61 ba 40 f5 f9 e8 eb f5 de d1 e9 b6 a3 d2 66 44 b5 43 30 b2 42 6d bc 3b 23 ad 36 e1 f2 d6 9f ce 5c 4c b6 3f 70 bd 3b 7a c0 36 f8 fc fa 5b c3 6e 4e bd 5f 45 b9 50 5a b9 3e bf e6 bc 69 c8 7b b9 dc b8 0a 00 00 00 5f 74 52 4e 53 00 ec 02 8d d3 e1 a9 1e 89 83 33 22 be 67 b1 93 74 20 42 1a cc b7 79 20 a8 99 69 17 b2 2e 37 0b b4 25 e7 ad 9a 84 56 3c 14 07 72 46 c5 63 4a 43 29 0f bd 3b 94 92 90 28 da ba ac a5 9f 69 67 5e 4b d7 be b1 ac a3 97 91 8b 88 78 6f 60 ba b5 af 9e 9c 7a 57 a2 9f 9d 80 7d 4e be b6 b4 44 d3 be c4 c4 0b 00 00 08 a2 49 44 41 54 78 da ed 9c 07 57 1a 41 10 80 07 83 e9 d5 48 13 50 91 88 bd 97 24 1a 63 7a ef bd 63 40 f4 a8 22 9c 68 c0 1e c0 6e 34 96 24 9a de 7b fe 62
                                                                                                                                                                                                                          Data Ascii: >Dv9Ix<}&ua@fDC0Bm;#6\L?p;z6[nN_EPZ>i{_tRNS3"gt By i.7%V<rFcJC);(ig^Kxo`zW}NDIDATxWAHP$czc@"hn4${b
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC1066INData Raw: 21 18 34 84 68 91 48 17 da 08 28 c5 a2 24 04 87 9e 5a 62 23 b9 e7 2a eb 6a ab 5c d6 4e 12 22 cd 2d 12 35 20 b2 4c 43 30 30 3c fc d9 ef 43 9a d1 89 24 6e 81 8d 20 64 16 1b 97 c1 bd ef fe 47 15 68 a4 c1 62 76 d6 60 5e 0d 16 b3 21 e2 f7 6b b3 53 53 73 2e 8e 18 11 1f c9 2e f1 0b 6e 84 b0 73 19 18 29 24 46 5c 0d 16 2b 1a 69 36 84 5e 39 23 f1 6b d5 80 24 5c 1c 7a 40 2a 26 3e 43 50 b5 08 46 96 47 7d a4 f0 31 31 62 71 58 cd 35 b8 d3 d8 64 40 38 fb 59 07 c0 2a 19 61 ab 48 06 89 8e 2f 46 ae 3d ae a8 ac 6d 70 58 4d 26 b7 b1 d9 3f 18 c5 1a b9 98 0a 2c ba 4f 8d 58 59 c3 0c 13 94 f3 c4 48 da 15 34 62 77 a1 11 73 6b 4d 73 b0 38 64 a4 18 42 a4 38 49 65 8d 24 5d 6d 0a 3f 8c 28 bf e3 aa c1 23 9a b5 de dc ea 35 fa 93 81 21 53 91 06 88 0c df 2e 78 9d 8d a4 90 e4 f3 a7 f3 c3
                                                                                                                                                                                                                          Data Ascii: !4hH($Zb#*j\N"-5 LC00<C$n dGhbv`^!kSSs..ns)$F\+i6^9#k$\z@*&>CPFG}11bqX5d@8Y*aH/F=mpXM&?,OXYH4bwskMs8dB8Ie$]m?(#5!S.x


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          81192.168.2.449828104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:28 UTC883OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1041INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuZv3yY95%2Fr%2F929GtU44BMygayM5fanYrUWR7OprlwOD5ha82ocWJ1F5dCPa4P8ouR5%2B0kKKjGPeEUY8CiNZe80mHF%2FPeDRGDoLavl%2Bj7zIetxzQ%2BJUCHfxSAtg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c25b1e2b2084-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC328INData Raw: 37 62 61 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba3<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f
                                                                                                                                                                                                                          Data Ascii: viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="ro
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65
                                                                                                                                                                                                                          Data Ascii: deQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'obje
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: sterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29
                                                                                                                                                                                                                          Data Ascii: https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker()
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20
                                                                                                                                                                                                                          Data Ascii: rrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65
                                                                                                                                                                                                                          Data Ascii: roperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefine
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: ters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = funct
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30
                                                                                                                                                                                                                          Data Ascii: =r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          82192.168.2.449829151.101.64.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC622OUTGET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1
                                                                                                                                                                                                                          Host: js.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC641INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                                                          Last-Modified: Fri, 11 Nov 2022 20:25:36 GMT
                                                                                                                                                                                                                          ETag: "d96c709017743c0759cf3853d1806ba5"
                                                                                                                                                                                                                          Cache-Control: max-age=31536000
                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                          strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                          server: Fastly
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Age: 2417720
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          X-Request-ID: f65f2870-a892-45eb-8c83-e222ec80b04e
                                                                                                                                                                                                                          X-Served-By: cache-iad-kcgs7200125-IAD
                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC526INData Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 22 68 74 74 70 73 3a 2f 2f 6d 2e 73 74 72 69 70 65 2e 6e 65 74 77 6f 72 6b 22 2c 6e 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2c 74 3d 2f 70 72 65 76 69 65 77 3d 74 72 75 65 2f 2e 74 65 73 74 28 6e 29 3f 22 69 6e 6e 65 72 2d 70 72 65 76 69 65 77 2e 68 74 6d 6c 22 3a 22 69 6e 6e 65 72 2e 68 74 6d 6c 22 2c 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 3b 6f 2e 73 72 63 3d 22 22 2e 63 6f 6e 63 61 74 28 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 74 29 2e 63 6f 6e 63 61 74 28 6e 29 3b 76 61 72 20 69 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 69 66 28 6e 2e 6f 72 69 67 69 6e 3d 3d 3d 65 29 7b 76 61
                                                                                                                                                                                                                          Data Ascii: !function(){"use strict";var e="https://m.stripe.network",n=window.location.hash,t=/preview=true/.test(n)?"inner-preview.html":"inner.html",o=document.createElement("iframe");o.src="".concat(e,"/").concat(t).concat(n);var i=function(n){if(n.origin===e){va


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          83192.168.2.449830142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1243OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912395180&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=406&tfd=17495 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          84192.168.2.449831104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC560OUTGET /wp-content/uploads/30dayrefund-e1605890583229.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC893INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                          Content-Length: 12720
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: origSize=15142
                                                                                                                                                                                                                          ETag: "fdfc6-3b26-5b48c89c94beb"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:33:29 GMT
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Nov 2020 16:43:03 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Vary: Accept
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9I55xkGi1HdD7AInTclgOeMRU4N%2BFNHw66QccYaX7I13IQ%2F6mykakTXeo3TbUfntlYPpYXYbG1Pp50QHnZso4wDipLDDA%2BefYOsa235MrtyjZvwdlfJIDxOaIM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c25e3add57f6-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC476INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 2c 00 00 01 05 08 04 00 00 00 f3 d7 12 00 00 00 31 77 49 44 41 54 78 da ec d2 3d 4b 9b 51 1c 86 f1 93 2b 24 be b4 19 0a 4f b0 e0 60 db 41 3a 38 28 0e 05 d1 6e ed de 42 5d 1c 14 dd 52 70 e8 57 08 e9 07 70 e9 26 52 bf 80 20 b4 1d 2a b6 42 e8 20 74 2b 3a 66 70 0b 18 43 b1 48 cc 93 7f 41 c2 a1 1e 4e 8b 50 50 62 ee df 35 de eb ed 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 44 7a 00 50 20 e7 fe 81 1c f7 c0 89 5c 1d 23 94 a9 b2 c9 2c d9 e8 9e 65 96 4d f6 29 33 e2 44 ae 7c ab 2d da 18 c6 11 2b e4 5d 80 3c 2b 1c 61 18 6d b6 74 2d f1 c8 32 ce 24 85 e8 36 cc 1a 6d ac 5b 93 55 f2 c1 ad 56 69 fa bd cd 1a c3 2e 82 02 93 8c 93 75 d2 2f c8 51 a2 46 9d 1d 16 c2
                                                                                                                                                                                                                          Data Ascii: PNGIHDR,1wIDATx=KQ+$O`A:8(nB]RpWp&R *B t+:fpCHANPPb5DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDzP \#,eM)3D|-+]<+amt-2$6m[UVi.u/QF
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: a4 ac 33 e4 a4 37 30 c3 31 e6 fb c5 37 de 30 4d 91 69 be d0 c1 6e a0 0e bf d9 b5 63 90 36 a2 38 8e e3 e7 2f 8d 24 21 55 68 09 81 10 74 72 52 70 88 ed d0 2e 2e 9a b5 0e 82 a5 cd a0 b8 15 11 3a 9a a9 c5 ba e9 e4 a4 a8 9b d0 55 85 22 28 06 41 0b 25 5d 84 22 11 1c 74 08 a6 70 42 68 93 98 42 fc b6 94 92 21 5c 4d 4c eb 79 c2 7d be db 9b ff f0 ee bd 77 29 3d 52 58 31 bd d6 47 15 45 b5 73 3d 31 5c 77 81 a4 59 8b 8f 6b 53 07 ca 36 33 56 01 82 35 05 9a 1b ad 9c be c8 b4 38 1c cc ba 2f 8e 77 82 1e 28 2d 9a cb 47 3b 1d c4 e8 27 c1 04 f3 2c b0 c8 26 bb 35 6d b2 c8 02 f3 4c 90 a0 9f 18 1d b4 e3 43 cd f6 59 0f 0d 97 f3 e9 b1 ce c5 75 f2 13 a5 8f 04 49 d6 d8 e7 18 93 02 15 1a 51 a1 80 c9 31 fb ac 91 24 41 1f 51 fc e8 7a e5 f5 d4 70 39 9d 5a 34 d5 e8 86 17 a4 8b 38 d3 ac
                                                                                                                                                                                                                          Data Ascii: 370170Minc68/$!UhtrRp..:U"(A%]"tpBhB!\MLy}w)=RX1GEs=1\wYkS63V58/w(-G;',&5mLCYuIQ1$AQzp9Z48
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 10 5f 8a b1 e6 0a 32 11 fd 38 82 3d 87 e9 83 bb b1 36 d2 01 91 c7 14 2e 21 1b 91 c7 af 28 c1 ca 01 c6 13 a0 3d 13 d9 e6 ba 72 05 59 40 47 cf 58 cd 8d da 6a b3 b0 aa 80 df 10 4a 39 5c 6f c3 20 b2 11 b9 dc ca fb 5c 81 c8 8e d9 f0 b6 93 87 e8 c2 5b 84 28 65 27 ab f9 35 35 60 52 c9 30 57 63 45 f9 29 42 5c 46 25 25 cc 27 17 71 39 c7 88 67 27 17 9b a9 d8 41 1c c1 8d 10 bf a1 00 35 d6 66 b5 f5 79 34 0d 9d a9 fd 22 5e 7d f9 33 11 92 c6 0c d7 fd cc e0 56 72 10 19 5c c3 7d e4 20 ae a4 c2 dc 30 cf 43 04 b8 8e f1 0c a1 0b d9 f4 8c db c2 82 8c 74 8d b1 2a 18 8e 10 f3 00 28 63 28 22 9b 3f 5a 6c 35 04 e1 67 10 ed 10 c3 a9 c0 9d 08 7f a6 2f b2 6a bf ce f4 79 34 0d 5d ab 1a 11 ab 0b d8 42 94 94 30 c3 f5 3e ec 60 21 f9 88 00 e7 d0 0d d1 9e 17 cc 75 61 3c 8a 51 80 02 de 04
                                                                                                                                                                                                                          Data Ascii: _28=6.!(=rY@GXjJ9\o \[(e'55`R0WcE)B\F%%'q9g'A5fy4"^}3Vr\} 0Ct*(c("?Zl5g/jy4]B0>`!ua<Q
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 98 c4 44 8c 0e fc db 09 e3 44 84 0f 28 c3 9e 12 c6 a0 58 15 6b aa f2 5b 79 49 5a 01 75 d1 50 4d d1 23 da 1d 5f 70 ee c5 9b 2e cd 29 7e fc 88 4c 46 b1 89 30 18 44 38 c8 d3 cc 61 16 cb d8 4d 1d 4e 94 f0 24 43 c8 40 9f b1 32 18 cc 12 3e 26 8a 33 7f a1 3d a2 27 3b b0 27 c4 4a fa 33 97 10 f6 bc 49 1f 6b 61 7a b7 1e d1 14 0d 55 f7 56 98 7a 50 3b 5d ad e5 da a5 72 45 44 bc 72 58 4c 04 27 6a 99 4d 06 59 0c 24 cf e8 4f 98 4f 19 16 5c 42 e7 e1 64 a3 53 a4 2c 2e 64 39 e5 38 11 e4 16 02 88 51 bc 6d 63 c0 4f b8 8b 4e 88 4e 3c e7 60 cf 08 4f da e5 b4 22 2a d7 1e 2d d7 55 ad aa 81 59 6d b4 40 41 61 af eb 28 27 11 c5 0c 45 f4 e1 a7 c6 67 35 9b eb d8 45 24 c9 43 ec 5f 23 07 9d 62 e5 f0 b5 04 03 00 0e 33 9e 00 a2 2f 0b 28 b7 34 02 5d 43 26 42 14 f0 5b a2 d8 53 c5 44 e4 a4
                                                                                                                                                                                                                          Data Ascii: DD(Xk[yIZuPM#_p.)~LF0D8aMN$C@2>&3=';'J3IkazUVzP;]rEDrXL'jMY$OO\BdS,.d98QmcONN<`O"*-UYm@Aa('Eg5E$C_#b3/(4]C&B[SD
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: ee 61 34 4a b0 b6 95 50 0d 6c a3 43 0a 29 d3 49 94 63 25 c4 53 1c 22 65 8c 79 85 16 d5 69 af 7e a4 42 df e9 87 be a8 37 14 11 8d 35 8c 13 a4 4e 84 08 80 5d e7 7b d2 ea cd 4e 9e 62 2c 43 59 c8 3e be 86 6c 95 6d b1 6a c0 b1 e0 3b 91 0f 58 c8 50 c6 f2 14 db e9 99 52 a1 67 21 61 ac 84 89 92 3a 27 18 86 ec 14 d1 1b fa a2 ef f4 42 99 5a e9 f4 69 5d 40 73 b1 9e 1e 28 05 75 65 88 61 92 0c fa d2 07 9d a4 fa 98 ad d1 d9 0c 4e b1 aa d8 83 f5 34 17 0b 9c 57 ed 95 a7 d9 b5 03 ca d1 46 a7 fe ab 7d 34 0f 87 b9 04 a5 b1 2e e1 30 cd c3 3e e7 d5 72 e3 69 d6 51 2a 69 89 b0 d3 14 ea 68 0e c2 dc 49 a0 85 5a 26 39 05 b8 93 30 cd 41 1d 53 90 bd 96 9c 76 21 bc 46 aa cc 2e 7e 79 96 e6 61 03 f9 2d d4 30 c9 2b 9f 0d 34 0f cf da c7 81 65 69 7d ee 50 ed d5 d3 46 e7 e8 05 bb 7c f5 56
                                                                                                                                                                                                                          Data Ascii: a4JPlC)Ic%S"eyi~B75N]{Nb,CY>lmj;XPRg!a:'BZi]@s(ueaN4WF}4.0>riQ*ihIZ&90ASv!F.~ya-0+4ei}PF|V
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: a6 64 2c f7 cb bd b3 79 12 2b af c4 6d 5e 5f e5 b5 98 8c 96 5d db e3 8b 71 e6 09 f0 53 22 0e eb 55 6f de 8b bd db d0 d4 4f 4f a6 a7 e1 97 69 d5 d3 60 87 46 a9 32 d1 3c 99 28 fb d9 c0 32 66 31 9e f1 3c 49 28 81 b1 b2 59 6d b3 c6 5d 40 09 f1 dc 6d 99 01 73 e2 a4 8c 05 75 fc 90 00 4a 60 94 28 b7 c5 ad 31 0f 51 cd 55 c8 54 e3 b6 c7 5a 6e b6 4c c9 fa 10 00 78 8b fc b8 bc d4 fd 44 6c 8d 35 91 da a6 f6 34 54 6a 94 2f dd 69 e8 73 e0 5b d4 e3 46 c8 34 95 d3 56 98 cf 1e 20 c2 64 cb 74 2d eb 6b af 26 1b 99 3a 83 f7 4f d2 58 b0 8f b3 50 02 a3 7c c4 f9 c8 54 0f 76 03 0f c5 c4 81 66 db a3 e3 0d 38 19 3c 40 14 a8 63 26 8a d1 97 f9 c8 5c c9 ae b0 3c 6d 3e 40 79 d3 7a 1a b6 2a cf 97 fe e8 27 8a 0e e0 08 a9 13 e6 d9 b8 0d 63 1c d5 40 39 5f 46 31 9a 87 95 77 e3 42 e7 5c 5e
                                                                                                                                                                                                                          Data Ascii: d,y+m^_]qS"UoOOi`F2<(2f1<I(Ym]@msuJ`(1QUTZnLxDl54Tj/is[F4V dt-k&:OXP|Tvf8<@c&\<m>@yz*'c@9_F1wB\^
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: a5 fb f5 b2 f9 06 9b 29 a5 9a 62 96 d3 df e1 1e 8b d7 e9 66 69 16 de 4e 90 3a 3e e4 d6 b8 f5 21 c0 bd 44 53 3b 4c 61 6a 31 93 b1 9e b2 16 01 be 43 d0 e6 23 21 a6 10 c6 9e 0f e8 89 2c e5 e8 d4 8d 55 ce 75 c8 54 27 26 b0 8c 0d 6c 62 03 0f 71 31 81 b8 b2 d2 13 38 61 e6 de c2 fa 8e 2f 3d 51 8e 5e 32 7a 93 12 f2 0a d6 6a 59 27 86 30 82 b3 c9 46 0e 07 23 ea b8 c3 92 bb c9 67 34 d7 73 36 59 d6 94 6a b3 1e ff 0a 30 9e 23 96 d2 b3 eb 96 6b a6 49 9d cb d1 ee c6 8a b2 dc 88 36 ad 9b af d9 d8 6d ea cb 1c 05 70 fb 79 5e 4a d3 0b 9b 34 50 1f b9 7c 76 0c 93 dc 4d 26 72 55 27 fe 08 26 87 19 81 fb 13 d8 d3 44 9b d1 58 d9 dc c4 11 bb 9e 51 d7 db e6 9f 20 0b 59 fa 49 53 33 56 b9 79 58 23 e9 63 ba 6e 3f cf 71 0d f1 a5 23 ba 53 d1 7e 14 e1 ce 27 4c 24 e0 6a 92 5f 11 22 96 37
                                                                                                                                                                                                                          Data Ascii: )bfiN:>!DS;Laj1C#!,UuT'&lbq18a/=Q^2zjY'0F#g4s6Yj0#kI6mpy^J4P|vM&rU'&DXQ YIS3VyX#cn?q#S~'L$j_"7
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: d7 6c 62 2d 37 d3 01 d1 89 3f 10 c5 4a 84 15 74 43 b8 ab 0b 5b c0 e0 63 ce 47 16 05 98 44 19 76 94 31 c9 66 cb 3d 9f 8f c1 60 0b 5d 92 3c ad b8 82 08 8d 79 93 5e 88 5e ec 32 52 29 67 f2 20 41 dc 08 33 0b 7f 6c 54 b5 5c f9 be d6 85 be a8 e3 96 ab 20 1d 88 72 2f 01 44 36 b7 72 dc cc 5a 2d a3 13 62 10 45 34 a6 9e a5 74 44 76 72 3c 66 75 84 7e 49 df a8 5a c1 f7 6c 57 a3 7e 1c 49 f1 cc 62 47 96 52 6f 1b 4f 8e 46 64 f2 00 11 a2 fc 96 0e 88 2b 28 c5 82 db 9d 3f c7 d3 f4 3a f1 93 41 85 2a 4a 7c 7d 2d 96 cb 89 26 50 06 26 21 7e 4a 06 19 2c c4 8e 10 bf c2 dd 5a dd 79 97 32 56 b1 9c c3 54 73 b9 c3 86 79 1b 95 c4 52 c9 6d 0e 9b dc e5 54 73 98 65 ac a4 c4 bc cf c7 59 ce 9b 79 1d 77 91 81 c8 66 0e 25 bc 4d 7f 44 0f 36 01 b0 87 df 50 8e 3d 61 e3 96 44 53 45 2a f4 b5 36
                                                                                                                                                                                                                          Data Ascii: lb-7?JtC[cGDv1f=`]<y^^2R)g A3lT\ r/D6rZ-bE4tDvr<fu~IZlW~IbGRoOFd+(?:A*J|}-&P&!~J,Zy2VTsyRmTseYywf%MD6P=aDSE*6
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: cc 47 f2 05 e4 22 02 4c e0 28 a9 52 c9 1e 56 33 97 f1 0c a4 3b 39 c8 45 39 74 67 20 e3 99 cb 6a f6 50 49 32 d4 f1 32 5f 23 17 71 29 a5 60 52 c6 14 32 11 01 be 4e 49 43 08 2f 32 b9 91 c3 2e 8f 2c 71 aa d7 0d 3e 8f 78 34 4b d1 c6 01 f0 5c 42 38 73 98 3e 88 0e bc 66 66 a0 7f 47 67 a3 be 57 44 d3 09 71 8c 77 59 c7 63 cc 63 1a e3 19 69 d1 78 a6 31 8f c7 58 c7 bb 1c 23 94 d2 ed cd 77 18 c5 a5 3c 6e a7 cc 92 02 9d 40 00 91 c5 38 23 84 9f c2 71 ec 09 31 d7 fe c1 63 b6 cf c3 d2 9f f5 6b fb 66 b8 25 84 b1 60 b9 4b b5 0d cf 5a 9a 64 2e 60 37 76 d4 37 d1 66 41 8b 42 34 85 2a 9e 62 20 01 84 9f cb 79 91 5a a7 44 a9 d9 14 5d 86 3d 11 7e 43 27 64 a7 df a5 f5 80 8f e6 47 ed b5 45 d8 29 9f 3f 11 c1 89 65 e4 20 be c8 6a f6 f1 90 11 c8 9f c1 06 ec d8 c9 14 56 52 c6 bf 82 30
                                                                                                                                                                                                                          Data Ascii: G"L(RV3;9E9tg jPI22_#q)`R2NIC/2.,q>x4K\B8s>ffGgWDqwYccix1X#w<n@8#q1ckf%`KZd.`7v7fAB4*b yZD]=~C'dGE)?e jVR0
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1292INData Raw: 9c 20 b0 81 b6 88 81 1c c3 ca 21 7a 21 44 0e b9 b4 c5 8f c8 b0 d9 0c 8b e9 8b e8 ca 4e 00 42 ac a4 80 2c 7a 32 87 20 16 dc 06 ae 59 55 6f 39 39 5e a1 1b 7d 1e 4d 47 99 ba 56 8f e8 65 3d ad 45 9a a9 a9 ba 4a 37 e8 1e 7d 68 73 c3 84 b1 6e a5 46 94 a9 18 35 3d 73 20 6d 21 45 58 30 0a 34 01 72 1b 94 6d 3c 39 d6 10 4f 98 29 71 cf 81 11 b6 f0 07 f6 13 22 19 a2 ec 66 32 b9 76 ad 30 f7 e8 06 5d a5 a9 9a a9 45 7a 5a af 68 b9 ae 55 a6 cf e3 a4 4b 3b 6d a4 b8 7f 5f af 2a 61 55 5f 1e e0 23 52 23 c8 b7 e9 4a 5b 9e 02 60 3b 79 0e c6 9a 6b f4 23 bc ca 26 36 f1 63 32 8c 0c 95 5d fe 3d c0 37 a8 23 55 3e e2 01 fa da 77 2c 5c 1f 5b ba 91 d4 c6 ab 0b 7e 46 a8 83 b6 da 1f 69 bf 94 d5 04 b1 e0 b2 39 ee e2 45 8e 18 1b 5e a1 ad b1 2a b9 0c e1 67 99 99 08 e8 85 08 b0 10 2b fb 99
                                                                                                                                                                                                                          Data Ascii: !z!DNB,z2 YUo99^}MGVe=EJ7}hsnF5=s m!EX04rm<9O)q"f2v0]EzZhUK;m_*aU_#R#J[`;yk#&6c2]=7#U>w,\[~Fi9E^*g+


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          85192.168.2.449833192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC461OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3994&rand=0.20887544996126906 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          86192.168.2.449834104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC810OUTGET /wp-includes/js/wp-emoji-release.min.js?ver=35eac6e98b37c7568cceeeeb456d12a3 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC792INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Content-Type: application/javascript
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Wed, 03 Apr 2024 15:53:31 GMT
                                                                                                                                                                                                                          ETag: W/"4279a-4926-61533396fa2ee-gzip"
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 5359
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cD%2BS9cXHUTnMPPRt%2BCYtC5KN0Aog4NJIYNf3jtxzLuYqYrnifhbBt%2BAj7PCbzWsNEziCg8d1gVKS7OtNf%2B42aWdombpoX%2BSonVxh0i4jhHlRWaV6%2FZffk09icyY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c25faa1420c4-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC577INData Raw: 34 39 32 36 0d 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 2f 2f 20 53 6f 75 72 63 65 3a 20 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 74 77 65 6d 6f 6a 69 2e 6d 69 6e 2e 6a 73 0a 76 61 72 20 74 77 65 6d 6f 6a 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 68 3d 7b 62 61 73 65 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 6a 64 65 63 6b 65 64 2f 74 77 65 6d 6f 6a 69 40 31 35 2e 30 2e 33 2f 61 73 73 65 74 73 2f 22 2c 65 78 74 3a 22 2e 70 6e 67 22 2c 73 69 7a 65 3a 22 37 32 78 37 32 22 2c 63 6c 61 73 73 4e 61 6d 65 3a 22 65 6d 6f 6a 69 22 2c 63 6f 6e 76 65 72 74 3a 7b 66 72 6f 6d 43 6f 64 65 50 6f 69 6e 74
                                                                                                                                                                                                                          Data Ascii: 4926/*! This file is auto-generated */// Source: wp-includes/js/twemoji.min.jsvar twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 64 3f 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 6e 28 64 2c 66 75 6e 63 74 69 6f 6e 28 64 29 7b 76 61 72 20 75 2c 66 2c 63 3d 64 2c 65 3d 4e 28 64 29 2c 62 3d 61 2e 63 61 6c 6c 62 61 63 6b 28 65 2c 61 29 3b 69 66 28 65 26 26 62 29 7b 66 6f 72 28 66 20 69 6e 20 63 3d 22 3c 69 6d 67 20 22 2e 63 6f 6e 63 61 74 28 27 63 6c 61 73 73 3d 22 27 2c 61 2e 63 6c 61 73 73 4e 61 6d 65 2c 27 22 20 27 2c 27 64 72 61 67 67 61 62 6c 65 3d 22 66 61 6c 73 65 22 20 27 2c 27 61 6c 74 3d 22 27 2c 64 2c 27 22 27 2c 27 20 73 72 63 3d 22 27 2c 62 2c 27 22 27 29 2c 75 3d 61 2e 61 74 74 72 69 62 75 74 65 73 28 64 2c 65 29 29 75 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 66 29 26 26 30 21 3d 3d 66 2e 69 6e 64
                                                                                                                                                                                                                          Data Ascii: string"==typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.ind
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 64 29 7b 72 65 74 75 72 6e 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 64 3f 64 2b 22 78 22 2b 64 3a 64 7d 28 75 2e 73 69 7a 65 7c 7c 68 2e 73 69 7a 65 29 2c 63 6c 61 73 73 4e 61 6d 65 3a 75 2e 63 6c 61 73 73 4e 61 6d 65 7c 7c 68 2e 63 6c 61 73 73 4e 61 6d 65 2c 6f 6e 65 72 72 6f 72 3a 75 2e 6f 6e 65 72 72 6f 72 7c 7c 68 2e 6f 6e 65 72 72 6f 72 7d 29 7d 2c 72 65 70 6c 61 63 65 3a 6e 2c 74 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 64 29 7b 67 2e 6c 61 73 74 49 6e 64 65 78 3d 30 3b 64 3d 67 2e 74 65 73 74 28 64 29 3b 72 65 74 75 72 6e 20 67 2e 6c 61 73 74 49 6e 64 65 78 3d 30 2c 64 7d 7d 2c 75 3d 7b 22 26 22 3a 22 26 61 6d 70 3b 22 2c 22 3c 22 3a 22 26 6c 74 3b 22 2c 22 3e 22 3a 22 26 67 74 3b 22 2c 22 27 22 3a 22 26 23 33 39 3b 22 2c 27 22 27 3a 22 26
                                                                                                                                                                                                                          Data Ascii: d){return"number"==typeof d?d+"x"+d:d}(u.size||h.size),className:u.className||h.className,onerror:u.onerror||h.onerror})},replace:n,test:function(d){g.lastIndex=0;d=g.test(d);return g.lastIndex=0,d}},u={"&":"&amp;","<":"&lt;",">":"&gt;","'":"&#39;",'"':"&
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c
                                                                                                                                                                                                                          Data Ascii: \ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc69\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udfff\u200d\u2764\ufe0f\u200d\ud83d\
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 5c 75 64 66 66 63 5c 75 64 66 66 65 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 64 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5c 75 64 66
                                                                                                                                                                                                                          Data Ascii: \ud83e\udd1d\u200d\ud83d\udc68\ud83c[\udffb\udffc\udffe\udfff]|\ud83d\udc68\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc68\ud83c\udffe\u200d\ud83e\udd1d\u200d\ud83d\udc68\ud83c[\udffb-\udffd\udfff]|\ud83d\udc68\ud83c\udf
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 64 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 5c 75 64 66 66 63 5c 75 64 66 66 65 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 64 38 33 63 5c 75 64 66 66 65 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32
                                                                                                                                                                                                                          Data Ascii: d\ud83d\udc69\ud83c[\udffb\udffc\udffe\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc68\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\u2764\ufe0f\u200d\ud83d\udc69\ud83c[\udffb-\udfff]|\ud83d\udc69\ud83c\udffe\u200d\ud83e\udd1d\u2
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 64 31 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 65 5d 7c 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5c 75 64 66 66 66 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 31 64 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 64 31 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 32 30 30 64 5c 75 32 37 36 34 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 38 62 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 63 36 38 7c
                                                                                                                                                                                                                          Data Ascii: d1\ud83c[\udffb-\udfff]|\ud83e\uddd1\ud83c\udfff\u200d\u2764\ufe0f\u200d\ud83e\uddd1\ud83c[\udffb-\udffe]|\ud83e\uddd1\ud83c\udfff\u200d\ud83e\udd1d\u200d\ud83e\uddd1\ud83c[\udffb-\udfff]|\ud83d\udc68\u200d\u2764\ufe0f\u200d\ud83d\udc8b\u200d\ud83d\udc68|
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 37 34 5c 75 64 64 37 35 5d 7c 5c 75 32 36 66 39 29 28 28 3f 3a 5c 75 64 38 33 63 5b 5c 75 64 66 66 62 2d 5c 75 64 66 66 66 5d 7c 5c 75 66 65 30 66 29 5c 75 32 30 30 64 5b 5c 75 32 36 34 30 5c 75 32 36 34 32 5d 5c 75 66 65 30 66 29 7c 28 3f 3a 5c 75 64 38 33 63 5b 5c 75 64 66 63 33 5c 75 64 66 63 34 5c 75 64 66 63 61 5d 7c 5c 75 64 38 33 64 5b 5c 75 64 63 36 65 5c 75 64 63 37 30 5c 75 64 63 37 31 5c 75 64 63 37 33 5c 75 64 63 37 37 5c 75 64 63 38 31 5c 75 64 63 38 32 5c 75 64 63 38 36 5c 75 64 63 38 37 5c 75 64 65 34 35 2d 5c 75 64 65 34 37 5c 75 64 65 34 62 5c 75 64 65 34 64 5c 75 64 65 34 65 5c 75 64 65 61 33 5c 75 64 65 62 34 2d 5c 75 64 65 62 36 5d 7c 5c 75 64 38 33 65 5b 5c 75 64 64 32 36 5c 75 64 64 33 35 5c 75 64 64 33 37 2d 5c 75 64 64 33 39 5c 75
                                                                                                                                                                                                                          Data Ascii: 74\udd75]|\u26f9)((?:\ud83c[\udffb-\udfff]|\ufe0f)\u200d[\u2640\u2642]\ufe0f)|(?:\ud83c[\udfc3\udfc4\udfca]|\ud83d[\udc6e\udc70\udc71\udc73\udc77\udc81\udc82\udc86\udc87\ude45-\ude47\ude4b\ude4d\ude4e\udea3\udeb4-\udeb6]|\ud83e[\udd26\udd35\udd37-\udd39\u
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 32 36 32 30 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 31 35 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 64 62 61 7c 5c 75 64 38 33 64 5c 75 64 63 33 62 5c 75 32 30 30 64 5c 75 32 37 34 34 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 34 31 5c 75 32 30 30 64 5c 75 64 38 33 64 5c 75 64 64 65 38 7c 5c 75 64 38 33 64 5c 75 64 63 36 38 5c 75 32 30 30 64 5c 75 64 38 33 64 5b 5c 75 64 63 36 36 5c 75 64 63 36 37 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 39 5c 75 32 30 30 64 5c 75 64 38 33 64 5b 5c 75 64 63 36 36 5c 75 64 63 36 37 5d 7c 5c 75 64 38 33 64 5c 75 64 63 36 66 5c 75 32 30 30 64 5c 75 32 36 34 30 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 63 36 66 5c 75 32 30 30 64 5c 75 32 36 34 32 5c 75 66 65 30 66 7c 5c 75 64 38 33 64 5c 75 64 65 32
                                                                                                                                                                                                                          Data Ascii: 2620\ufe0f|\ud83d\udc15\u200d\ud83e\uddba|\ud83d\udc3b\u200d\u2744\ufe0f|\ud83d\udc41\u200d\ud83d\udde8|\ud83d\udc68\u200d\ud83d[\udc66\udc67]|\ud83d\udc69\u200d\ud83d[\udc66\udc67]|\ud83d\udc6f\u200d\u2640\ufe0f|\ud83d\udc6f\u200d\u2642\ufe0f|\ud83d\ude2
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1369INData Raw: 5c 75 32 36 61 31 5c 75 32 36 61 37 5c 75 32 36 61 61 5c 75 32 36 61 62 5c 75 32 36 62 30 5c 75 32 36 62 31 5c 75 32 36 62 64 5c 75 32 36 62 65 5c 75 32 36 63 34 5c 75 32 36 63 35 5c 75 32 36 63 38 5c 75 32 36 63 66 5c 75 32 36 64 31 5c 75 32 36 64 33 5c 75 32 36 64 34 5c 75 32 36 65 39 5c 75 32 36 65 61 5c 75 32 36 66 30 2d 5c 75 32 36 66 35 5c 75 32 36 66 38 5c 75 32 36 66 61 5c 75 32 36 66 64 5c 75 32 37 30 32 5c 75 32 37 30 38 5c 75 32 37 30 39 5c 75 32 37 30 66 5c 75 32 37 31 32 5c 75 32 37 31 34 5c 75 32 37 31 36 5c 75 32 37 31 64 5c 75 32 37 32 31 5c 75 32 37 33 33 5c 75 32 37 33 34 5c 75 32 37 34 34 5c 75 32 37 34 37 5c 75 32 37 35 37 5c 75 32 37 36 33 5c 75 32 37 36 34 5c 75 32 37 61 31 5c 75 32 39 33 34 5c 75 32 39 33 35 5c 75 32 62 30 35 2d 5c
                                                                                                                                                                                                                          Data Ascii: \u26a1\u26a7\u26aa\u26ab\u26b0\u26b1\u26bd\u26be\u26c4\u26c5\u26c8\u26cf\u26d1\u26d3\u26d4\u26e9\u26ea\u26f0-\u26f5\u26f8\u26fa\u26fd\u2702\u2708\u2709\u270f\u2712\u2714\u2716\u271d\u2721\u2733\u2734\u2744\u2747\u2757\u2763\u2764\u27a1\u2934\u2935\u2b05-\


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          87192.168.2.449836151.101.128.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC686OUTGET /inner.html HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.network
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                          Referer: https://js.stripe.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1038INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 930
                                                                                                                                                                                                                          Cache-Control: max-age=300, public
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
                                                                                                                                                                                                                          strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          server: Fastly
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Age: 0
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:29 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          X-Request-ID: b540c20b-35e2-41be-a149-be2504855af5
                                                                                                                                                                                                                          X-Served-By: cache-lga21977-LGA
                                                                                                                                                                                                                          X-Cache: MISS
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          X-Timer: S1714912410.701247,VS0,VE81
                                                                                                                                                                                                                          Vary: Accept-Encoding, Origin
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC930INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 74 69 74 6c 65 3e 53 74 72 69 70 65 4d 2d 49 6e 6e 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 3e 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 65 2e 64 65 66 65 72 3d 21 30 2c 65 2e 73 72 63 3d 22 6f 75 74 2d 34 2e 35 2e 34 33 2e 6a 73 22 2c 65 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3b 77 69 6e 64 6f 77 2e 53 74 72 69 70 65 4d 26 26 28 65 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2c 2f 70 69 6e 67 3d 66
                                                                                                                                                                                                                          Data Ascii: <!doctype html><html><head><meta charset="utf-8"><title>StripeM-Inner</title></head><body><script>!function(){var e=document.createElement("script");e.defer=!0,e.src="out-4.5.43.js",e.onload=function(){var e;window.StripeM&&(e=window.location.hash,/ping=f


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          88192.168.2.449837104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC771OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912402.55.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:30 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:30 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2Bey8xGDxq3suCTvsUifDLORnSBZeMtUsHtAx0zs5qTmtNH5Gefk%2FrqmM5tpoIlk3lW5t%2F2hGGyAlZazoka2LCmi5IlwkYkMvPFiHOrbYKj3ysXBh2BTSOGhkWw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2628b575884-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC547INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1369INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .activ
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1369INData Raw: 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                          Data Ascii: 0;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC586INData Raw: 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c
                                                                                                                                                                                                                          Data Ascii: -color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active,
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          89192.168.2.449838142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912408856&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1293 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:30 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          90192.168.2.449839104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC902OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912408.49.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:30 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvQbUJ2JV0cdFaMikCnGgCmRg2CySI%2FA9DRifWMPUut2xxEbVy7%2FZVEoAQu99cDBhspyacYmdU%2FpP2T4koeYhMldOyMOzacwU0hAAv4sXUN8cwmeKU%2BvMdVeyy0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c26359133b4a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          91192.168.2.449840104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:29 UTC811OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912409 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912408.49.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC745INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:30 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKHW52u26iC%2Bteuu43QgHGT0vEWkRnSSCrkIE5fjnrJv66bZogJPxzQI3FZFEoFMUAMyu3At%2B18m7KHB4aa%2FUEQRWeCnVyzzkl5U70CrpG6BRcBVcuV7ywed%2BQc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2638a1307ff-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          92192.168.2.449841151.101.128.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC540OUTGET /out-4.5.43.js HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.network
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://m.stripe.network/inner.html
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC537INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 88751
                                                                                                                                                                                                                          Cache-Control: max-age=300, public
                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                          strict-transport-security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          server: Fastly
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Age: 0
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:30 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          X-Request-ID: a909bdfb-4444-48ae-a2be-602065cb4e3f
                                                                                                                                                                                                                          X-Served-By: cache-lga21971-LGA
                                                                                                                                                                                                                          X-Cache: MISS
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          X-Timer: S1714912410.246901,VS0,VE133
                                                                                                                                                                                                                          Vary: Accept-Encoding, Origin
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 76 61 72 20 53 74 72 69 70 65 4d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 72 29 7b 69 66 28 74 5b 72 5d 29 72 65 74 75 72 6e 20 74 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 5f 3d 74 5b 72 5d 3d 7b 69 3a 72 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 5f 2e 65 78 70 6f 72 74 73 2c 5f 2c 5f 2e 65 78 70 6f 72 74 73 2c 6e 29 2c 5f 2e 6c 3d 21 30 2c 5f 2e 65 78 70 6f 72 74 73 7d 72 65 74 75 72 6e 20 6e 2e 6d 3d 65 2c 6e 2e 63 3d 74 2c 6e 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 6e 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21
                                                                                                                                                                                                                          Data Ascii: var StripeM=function(e){var t={};function n(r){if(t[r])return t[r].exports;var _=t[r]={i:r,l:!1,exports:{}};return e[r].call(_.exports,_,_.exports,n),_.l=!0,_.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 2c 6f 28 65 29 7d 76 61 72 20 69 3d 6d 28 22 77 69 6e 22 29 2e 50 72 6f 6d 69 73 65 7c 7c 6d 28 22 50 50 72 6f 6d 69 73 65 22 29 3b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 76 61 72 20 65 3d 6d 28 22 77 69 6e 22 29 2e 70 65 72 66 6f 72 6d 61 6e 63 65 3b 72 65 74 75 72 6e 20 65 26 26 65 2e 6e 6f 77 3f 65 2e 6e 6f 77 28 29 3a 44 61 74 65 2e 6e 6f 77 28 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 29 7b 76 61 72 20 74 3d 6d 28 22 6e 6f 77 22 29 28 29 3b 72 65 74 75 72 6e 7b 72 65 73 75 6c 74 3a 65 28 29 2c 64 75 72 61 74 69 6f 6e 3a 6d 28 22 6e 6f 77 22 29 28 29 2d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 76 61 72 20 65 3d 61 72 67
                                                                                                                                                                                                                          Data Ascii: l&&e!==Symbol.prototype?"symbol":typeof e},o(e)}var i=m("win").Promise||m("PPromise");function c(){var e=m("win").performance;return e&&e.now?e.now():Date.now()}function u(e){var t=m("now")();return{result:e(),duration:m("now")()-t}}function a(){var e=arg
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 2c 6e 3d 74 5b 65 5d 29 2c 6e 7d 28 45 3d 79 28 29 29 2e 5f 5f 72 65 77 69 72 65 5f 72 65 73 65 74 5f 61 6c 6c 5f 5f 7c 7c 28 45 2e 5f 5f 72 65 77 69 72 65 5f 72 65 73 65 74 5f 61 6c 6c 5f 5f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 45 2e 5f 5f 24 24 47 4c 4f 42 41 4c 5f 52 45 57 49 52 45 5f 52 45 47 49 53 54 52 59 5f 5f 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 7d 29 3b 76 61 72 20 52 3d 22 5f 5f 49 4e 54 45 4e 54 49 4f 4e 41 4c 5f 55 4e 44 45 46 49 4e 45 44 5f 5f 22 2c 70 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 65 29 7b 76 61 72 20 74 3d 62 28 29 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 74 5b 65 5d 29 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 77 69 74 63 68 28 65 29 7b 63 61 73
                                                                                                                                                                                                                          Data Ascii: t.create(null),n=t[e]),n}(E=y()).__rewire_reset_all__||(E.__rewire_reset_all__=function(){E.__$$GLOBAL_REWIRE_REGISTRY__=Object.create(null)});var R="__INTENTIONAL_UNDEFINED__",p={};function m(e){var t=b();if(void 0===t[e])return function(e){switch(e){cas
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 2c 72 28 65 29 7d 6e 2e 64 28 74 2c 22 66 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 7d 29 29 2c 6e 2e 64 28 74 2c 22 63 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 7d 29 29 2c 6e 2e 64 28 74 2c 22 65 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 7d 29 29 2c 6e 2e 64 28 74 2c 22 61 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 63 7d 29 29 2c 6e 2e 64 28 74 2c 22 62 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 7d 29 29 2c 6e 2e 64 28 74 2c 22 64 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e
                                                                                                                                                                                                                          Data Ascii: r===Symbol&&e!==Symbol.prototype?"symbol":typeof e},r(e)}n.d(t,"f",(function(){return _})),n.d(t,"c",(function(){return o})),n.d(t,"e",(function(){return i})),n.d(t,"a",(function(){return c})),n.d(t,"b",(function(){return u})),n.d(t,"d",(function(){return
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 6a 65 63 74 22 3d 3d 3d 72 28 65 29 3f 28 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6e 5b 74 5d 3d 65 5b 74 5d 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 4f 28 65 29 7d 29 29 7d 29 3a 28 6e 5b 65 5d 3d 76 6f 69 64 20 30 3d 3d 3d 74 3f 64 3a 74 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 4f 28 65 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 4f 28 65 29 7b 76 61 72 20 74 3d 76 28 29 3b 64 65 6c 65 74 65 20 74 5b 65 5d 2c 30 3d 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 6c 65 6e 67 74 68 26 26 64 65 6c 65 74 65 20 68 28 29 5b 45 5d 7d 66 75 6e 63 74 69 6f 6e 20 4c 28 65 29 7b 76 61 72 20 74 3d
                                                                                                                                                                                                                          Data Ascii: ject"===r(e)?(Object.keys(e).forEach((function(t){n[t]=e[t]})),function(){Object.keys(e).forEach((function(t){O(e)}))}):(n[e]=void 0===t?d:t,function(){O(e)})}function O(e){var t=v();delete t[e],0==Object.keys(t).length&&delete h()[E]}function L(e){var t=
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC989INData Raw: 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 29 7b 76 61 72 20 74 3d 68 28 22 74 69 6d 65 72 22 29 28 74 68 69 73 2e 65 78 74 72 61 63 74 6f 72 29 2c 6e 3d 74 2e 72 65 73 75 6c 74 2c 72 3d 74 2e 64 75 72 61 74 69 6f 6e 2c 6f 3d 68 28 22 6e 6f 77 22 29 28 29 3b 72 65 74 75 72 6e 20 6e 2e 74 68 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 68 28 22 6e 6f 77 22 29 28 29 2c 6e 3d 65 2e 61 73 79 6e 63 3f 74 2d 6f 3a 30 2c 69 3d 2b 28 72 2b 6e 29 2e 74 6f 50 72 65 63 69 73 69 6f 6e 28 35 29 3b 72 65 74 75 72 6e 22 6f 62 6a 65 63 74 22 21 3d 3d 5f 28 65 29 3f 7b 76 61 6c 75 65 3a 65 2c 69 6e 74 65 72 6e 61 6c 56 61 6c 75 65 3a 65 2c 63 61 6c 63 75 6c 61 74 69 6f 6e 54 69 6d 65 4d 73 3a 69 7d 3a 7b 76 61 6c 75 65 3a 65 2e 76
                                                                                                                                                                                                                          Data Ascii: alue:function(e){if(e){var t=h("timer")(this.extractor),n=t.result,r=t.duration,o=h("now")();return n.then((function(e){var t=h("now")(),n=e.async?t-o:0,i=+(r+n).toPrecision(5);return"object"!==_(e)?{value:e,internalValue:e,calculationTimeMs:i}:{value:e.v
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 29 7b 76 61 72 20 65 3d 66 28 29 2c 74 3d 73 28 29 2c 6e 3d 74 5b 65 5d 3b 72 65 74 75 72 6e 20 6e 7c 7c 28 74 5b 65 5d 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 2c 6e 3d 74 5b 65 5d 29 2c 6e 7d 28 75 3d 63 28 29 29 2e 5f 5f 72 65 77 69 72 65 5f 72 65 73 65 74 5f 61 6c 6c 5f 5f 7c 7c 28 75 2e 5f 5f 72 65 77 69 72 65 5f 72 65 73 65 74 5f 61 6c 6c 5f 5f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 75 2e 5f 5f 24 24 47 4c 4f 42 41 4c 5f 52 45 57 49 52 45 5f 52 45 47 49 53 54 52 59 5f 5f 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 7d 29 3b 76 61 72 20 79 3d 22 5f 5f 49 4e 54 45 4e 54 49 4f 4e 41 4c 5f 55 4e 44 45 46 49 4e 45 44 5f 5f 22 2c 45 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 68 28 65 29 7b 76 61 72 20 74 3d 6c 28 29 3b 69 66 28
                                                                                                                                                                                                                          Data Ascii: ){var e=f(),t=s(),n=t[e];return n||(t[e]=Object.create(null),n=t[e]),n}(u=c()).__rewire_reset_all__||(u.__rewire_reset_all__=function(){u.__$$GLOBAL_REWIRE_REGISTRY__=Object.create(null)});var y="__INTENTIONAL_UNDEFINED__",E={};function h(e){var t=l();if(
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 5f 22 2c 64 29 2c 70 28 22 5f 5f 52 65 73 65 74 44 65 70 65 6e 64 65 6e 63 79 5f 5f 22 2c 64 29 2c 70 28 22 5f 5f 77 69 74 68 5f 5f 22 2c 62 29 2c 70 28 22 5f 5f 52 65 77 69 72 65 41 50 49 5f 5f 22 2c 45 29 29 7d 29 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 28 33 29 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3b 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 28 29 3b 74 72 79 7b 6e 3d 6e 7c 7c 6e 65 77 20 46 75 6e 63 74 69 6f 6e 28 22 72 65 74 75 72 6e 20 74 68 69 73 22 29 28 29 7d 63 61 74 63 68 28 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 28 6e 3d 77 69 6e 64 6f 77 29 7d 65 2e 65 78 70 6f 72 74 73 3d 6e 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65
                                                                                                                                                                                                                          Data Ascii: _",d),p("__ResetDependency__",d),p("__with__",b),p("__RewireAPI__",E))}).call(this,n(3))},function(e,t){var n;n=function(){return this}();try{n=n||new Function("return this")()}catch(e){"object"==typeof window&&(n=window)}e.exports=n},function(e,t,n){"use
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 73 2e 70 61 74 68 3d 6e 5b 35 5d 2c 74 68 69 73 2e 71 75 65 72 79 3d 6e 5b 36 5d 2c 74 68 69 73 2e 66 72 61 67 6d 65 6e 74 3d 6e 5b 38 5d 7d 7d 72 65 74 75 72 6e 20 63 28 65 2c 5b 7b 6b 65 79 3a 22 74 6f 53 74 72 69 6e 67 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 5b 74 68 69 73 2e 73 63 68 65 6d 65 2c 74 68 69 73 2e 61 75 74 68 6f 72 69 74 79 2c 74 68 69 73 2e 70 61 74 68 2c 74 68 69 73 2e 71 75 65 72 79 2c 74 68 69 73 2e 66 72 61 67 6d 65 6e 74 5d 2e 66 69 6c 74 65 72 28 42 6f 6f 6c 65 61 6e 29 2e 6a 6f 69 6e 28 22 22 29 7d 7d 5d 29 2c 65 7d 28 29 2c 6c 3d 22 37 37 36 36 65 38 36 31 2d 38 32 37 39 2d 34 32 34 64 2d 38 37 61 31 2d 30 37 61 36 30 32 32 66 64 38 63 64 22 2c 79 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74
                                                                                                                                                                                                                          Data Ascii: s.path=n[5],this.query=n[6],this.fragment=n[8]}}return c(e,[{key:"toString",value:function(){return[this.scheme,this.authority,this.path,this.query,this.fragment].filter(Boolean).join("")}}]),e}(),l="7766e861-8279-424d-87a1-07a6022fd8cd",y=function(e){ret
                                                                                                                                                                                                                          2024-05-05 12:33:30 UTC1378INData Raw: 74 73 5b 30 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 30 5d 3a 6a 28 22 44 45 46 41 55 4c 54 5f 46 55 4c 4c 5f 48 41 53 48 5f 4c 49 4d 49 54 22 29 3b 6f 28 74 68 69 73 2c 65 29 2c 74 68 69 73 2e 72 65 6d 61 69 6e 69 6e 67 48 61 73 68 65 73 3d 6a 28 22 54 4f 54 41 4c 5f 50 41 52 54 53 5f 4c 49 4d 49 54 22 29 2c 74 68 69 73 2e 66 75 6c 6c 48 61 73 68 4c 69 6d 69 74 3d 74 7d 72 65 74 75 72 6e 20 63 28 65 2c 5b 7b 6b 65 79 3a 22 67 65 74 46 75 6c 6c 48 61 73 68 4c 69 6d 69 74 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 61 75 74 68 6f 72 69 74 79 22 3d 3d 3d 65 3f 6a 28 22 54 4f 54 41 4c 5f 50 41 52 54 53 5f 4c 49 4d 49 54 22 29 3a 74 68 69 73 2e 66 75 6c 6c 48 61 73 68 4c 69 6d 69 74 7d 7d 2c 7b 6b 65 79 3a 22 74 6f 74 61 6c 48
                                                                                                                                                                                                                          Data Ascii: ts[0]?arguments[0]:j("DEFAULT_FULL_HASH_LIMIT");o(this,e),this.remainingHashes=j("TOTAL_PARTS_LIMIT"),this.fullHashLimit=t}return c(e,[{key:"getFullHashLimit",value:function(e){return"authority"===e?j("TOTAL_PARTS_LIMIT"):this.fullHashLimit}},{key:"totalH


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          93192.168.2.449842142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912408856&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=4&tfd=3207 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:32 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          94192.168.2.449843142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC1691OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912408856&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:32 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          95192.168.2.449845192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC687OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5645082368297181 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:32 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          96192.168.2.449846104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:32 UTC534OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeqVqM89NC7fbinKTQCFWNMlJl6p394eQbcr6RT60XT7zJlRw4d77U%2FPsCQtzoE6Cjc7izyQAnZfbDxEMxQo%2FfRDzVobNzLfy49IEBb5Y3XqKJz%2FcvXPqE7FHdU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2758a0d395b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          97192.168.2.449847104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC825OUTGET /wp-content/uploads/favicon.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC890INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                          Content-Length: 6966
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: status=cannot_optimize
                                                                                                                                                                                                                          ETag: "fcd5a-1b36-532ec351dea6e"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 13:33:33 GMT
                                                                                                                                                                                                                          Last-Modified: Mon, 16 May 2016 02:16:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: REVALIDATED
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59nYG2ytEFsSXvnR7YMhzsyc2bquLyJ3ce%2Fz1JK6%2FiJq0RHa0jwJ6AjX%2FNawMQnReq2oii2ZPMJSG%2BXXsWQf7AsfGH6iqgtORLIv0XG%2FeLOYj0KlCYaNCeRehbs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c276eceb39b2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC479INData Raw: 42 4d 36 1b 00 00 00 00 00 00 36 00 00 00 28 00 00 00 30 00 00 00 30 00 00 00 01 00 18 00 00 00 00 00 00 1b 00 00 e9 24 00 00 e9 24 00 00 00 00 00 00 00 00 00 00 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fb fe fd ec f9 f4 d3 f0 e5 bf e9 d8 b1 e4 cf ac e2 cc ad e3 cd b5 e6 d2 c8 ed df e0 f5 ee f7 fd fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd ff fe dd f4 ec a6 e0 c8
                                                                                                                                                                                                                          Data Ascii: BM66(00$$
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff e2 f6 ef 81 d2 af 41 b8 7c 3d b2 6b 3d af 62 3e ad 5b 3e ab 56 3e aa 52 3e aa 51 3e aa 50 3f aa 4e 3f aa 4d 3f a9 4c 3f a9 4b 3f a9 4b 3f a9 4d 3f aa 4f 3e aa 51 3e aa 52 3e ac 56 3e ae 5e 3d b0 67 3c b4 73 3f ba 83 98 dc c2 fa fe fd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fd fc 9e dd c3 43 b9 7e 3d b1 6a 3d ae 60 3e ac 5a 3e ac 59 3e ac 55 3e ab 54 3e aa 52 3e aa 51 3e aa 51 3e aa 51 3e aa 50 3e aa 50 3f aa 4f 3f aa 4e 3e aa 50 3e aa 51 3e aa 51 3e aa 51 3e ab 54 3e ac 58 3e ad 5c 3d af
                                                                                                                                                                                                                          Data Ascii: A|=k=b>[>V>R>Q>P?N?M?L?K?K?M?O>Q>R>V>^=g<s?C~=j=`>Z>Y>U>T>R>Q>Q>Q>P>P?O?N>P>Q>Q>Q>T>X>\=
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 89 cb 94 3e aa 51 3e ab 54 3e ac 57 3e ac 59 3e ae 5d 3d af 62 3d b1 67 3d b2 6c 3c b3 70 3c b6 77 3a ba 83 b9 e7 d6 fe ff ff fe ff ff e3 e4 e4 02 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 87 ca 92 3e aa 51 3e ab 53 3e ac 56 3e ad 5a 3d ae 60
                                                                                                                                                                                                                          Data Ascii: >Q>T>W>Y>]=b=g=l<p<w:>Q>S>V>Z=`
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe 96 d4 ab 3e b0 66 3d b1 69 3d b2 6d 3d b3 70 3c b5 73 3c b5 76 3c b6 79 3c b7 7c 3b b9 80 3b b9 81 3a ba 85 3a bb 87 3a bc 89 3d be 8d 88 d7 bb e7 f7 f2 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe e3 e4 e4 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e0 e2 e1 88 be 9d 36 9d 5e 36 9e 61 36 9f 64 35 a1 67 36 a3 6a 37 a6 6e 38 ab 73 39 b1 79 3a b5 7e 3a b8 80 3a ba 84 3a bb 87 3a bc 89 3a bd 8b 43 c0 91 90 da bf eb f9 f4 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe
                                                                                                                                                                                                                          Data Ascii: >f=i=m=p<s<v<y<|;;:::=6^6a6d5g6j7n8s9y:~:::::C
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 44 33 b9 e7 d4 63 b9 6d 7e c6 87 c6 e8 d3 50 c5 9a 53 c6 9b f6 fc fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f2 f3 f3 57 58 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 01 67 9b 88 c0 ea db 9e df c7 5a c8 9f 3e be 8f 3a bd 8c 3a bd 8c a9 e3 cd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66 67 67 c5 c6 c6 c5 c6 c6 c5 c6
                                                                                                                                                                                                                          Data Ascii: D3cm~PSWXXgZ>::fgg
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1011INData Raw: fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 90 91 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 02 02 d6 d7 d7 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 7f d4 b5 8c d9 bc f4 fb f6 ef f8 f2 fd ff fe fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75 75 75 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 df df df dc dd dd d1 d2 d2 b1 b2 b2 61 61 61 04 04 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 21 21 f7 f8 f8 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fc fe fe dd f4 ec c1 eb dc
                                                                                                                                                                                                                          Data Ascii: uuuaaa !!


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          98192.168.2.449848192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC687OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          99192.168.2.449849192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC457OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.5645082368297181 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          100192.168.2.449854104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC541OUTGET /wp-content/uploads/favicon.png HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC891INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                          Content-Length: 6966
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                          Cf-Bgj: imgq:100,h2pri
                                                                                                                                                                                                                          Cf-Polished: status=cannot_optimize
                                                                                                                                                                                                                          ETag: "fcd5a-1b36-532ec351dea6e"
                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 12:54:26 GMT
                                                                                                                                                                                                                          Last-Modified: Mon, 16 May 2016 02:16:08 GMT
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: HIT
                                                                                                                                                                                                                          Age: 2347
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSqKa1L2sP6P5SgkWcyWmJ6w%2Bee6GTeTxL72T%2F%2BEt0YkQutSbXy05aX9mQqF4NytBItGlbZKzuyAPqN2Aa0giYCcKw5YH9o5n1S%2BLlTfuSTE7ImzZeguPW3pkJQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c279ddd53b62-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC478INData Raw: 42 4d 36 1b 00 00 00 00 00 00 36 00 00 00 28 00 00 00 30 00 00 00 30 00 00 00 01 00 18 00 00 00 00 00 00 1b 00 00 e9 24 00 00 e9 24 00 00 00 00 00 00 00 00 00 00 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fb fe fd ec f9 f4 d3 f0 e5 bf e9 d8 b1 e4 cf ac e2 cc ad e3 cd b5 e6 d2 c8 ed df e0 f5 ee f7 fd fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd ff fe dd f4 ec a6 e0 c8
                                                                                                                                                                                                                          Data Ascii: BM66(00$$
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff e2 f6 ef 81 d2 af 41 b8 7c 3d b2 6b 3d af 62 3e ad 5b 3e ab 56 3e aa 52 3e aa 51 3e aa 50 3f aa 4e 3f aa 4d 3f a9 4c 3f a9 4b 3f a9 4b 3f a9 4d 3f aa 4f 3e aa 51 3e aa 52 3e ac 56 3e ae 5e 3d b0 67 3c b4 73 3f ba 83 98 dc c2 fa fe fd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fd fc 9e dd c3 43 b9 7e 3d b1 6a 3d ae 60 3e ac 5a 3e ac 59 3e ac 55 3e ab 54 3e aa 52 3e aa 51 3e aa 51 3e aa 51 3e aa 50 3e aa 50 3f aa 4f 3f aa 4e 3e aa 50 3e aa 51 3e aa 51 3e aa 51 3e ab 54 3e ac 58 3e ad 5c 3d
                                                                                                                                                                                                                          Data Ascii: A|=k=b>[>V>R>Q>P?N?M?L?K?K?M?O>Q>R>V>^=g<s?C~=j=`>Z>Y>U>T>R>Q>Q>Q>P>P?O?N>P>Q>Q>Q>T>X>\=
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 89 cb 94 3e aa 51 3e ab 54 3e ac 57 3e ac 59 3e ae 5d 3d af 62 3d b1 67 3d b2 6c 3c b3 70 3c b6 77 3a ba 83 b9 e7 d6 fe ff ff fe ff ff e3 e4 e4 02 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cb cc cc fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 87 ca 92 3e aa 51 3e ab 53 3e ac 56 3e ad 5a 3d ae
                                                                                                                                                                                                                          Data Ascii: >Q>T>W>Y>]=b=g=l<p<w:>Q>S>V>Z=
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe 96 d4 ab 3e b0 66 3d b1 69 3d b2 6d 3d b3 70 3c b5 73 3c b5 76 3c b6 79 3c b7 7c 3b b9 80 3b b9 81 3a ba 85 3a bb 87 3a bc 89 3d be 8d 88 d7 bb e7 f7 f2 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fd fe fe e3 e4 e4 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e0 e2 e1 88 be 9d 36 9d 5e 36 9e 61 36 9f 64 35 a1 67 36 a3 6a 37 a6 6e 38 ab 73 39 b1 79 3a b5 7e 3a b8 80 3a ba 84 3a bb 87 3a bc 89 3a bd 8b 43 c0 91 90 da bf eb f9 f4 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff
                                                                                                                                                                                                                          Data Ascii: >f=i=m=p<s<v<y<|;;:::=6^6a6d5g6j7n8s9y:~:::::C
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1369INData Raw: 0b 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 44 33 b9 e7 d4 63 b9 6d 7e c6 87 c6 e8 d3 50 c5 9a 53 c6 9b f6 fc fb fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f2 f3 f3 57 58 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 01 67 9b 88 c0 ea db 9e df c7 5a c8 9f 3e be 8f 3a bd 8c 3a bd 8c a9 e3 cd fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66 67 67 c5 c6 c6 c5 c6 c6 c5
                                                                                                                                                                                                                          Data Ascii: D3cm~PSWXXgZ>::fgg
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC1012INData Raw: ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 85 85 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 90 91 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 02 02 d6 d7 d7 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff 7f d4 b5 8c d9 bc f4 fb f6 ef f8 f2 fd ff fe fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff f9 fa fa 11 11 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75 75 75 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 e1 e2 e2 df df df dc dd dd d1 d2 d2 b1 b2 b2 61 61 61 04 04 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 21 21 f7 f8 f8 fe ff ff fe ff ff fe ff ff fe ff ff fe ff ff fc fe fe dd f4 ec c1 eb
                                                                                                                                                                                                                          Data Ascii: uuuaaa !!


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          101192.168.2.449855192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC457OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.0645236413472281 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:33 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:33 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          102192.168.2.449857104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:36 UTC883OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evdIvh4awPrT%2FGIXLFThJQ%2F3KLGv9FjRKORNMmI7fjpE7AFDHsELK3U8OtBgzbX652v64%2BcVBhf19TNYWyZMn2pR3UTQf3Ko9yYT87g0n7uDPGMA8Vte%2Bi9v6Vo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c28ecd105710-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                          Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                          Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                          Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                          Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                          Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                          Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                          Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          103192.168.2.449856142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:36 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912408856&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=5&tfd=8280 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:37 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          104192.168.2.44986444.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3408
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC3408OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4d 7a 51 31 4c 6a 4d 6c 4d 6b 4d 6c 4d 6a 4a 30 59 57 63 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 30 4c 6a 55 75 4e 44 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 7a 63 6d 4d 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 71 63 79 55 79 4d 69 55 79 51 79 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 64 69 55 79 4d 69 55 7a 51 53 55 79 4d 6e 52 79 64 57 55 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0MzQ1LjMlMkMlMjJ0YWclMjIlM0ElMjI0LjUuNDMlMjIlMkMlMjJzcmMlMjIlM0ElMjJqcyUyMiUyQyUyMmElMjIlM0ElN0IlMjJhJTIyJTNBJTdCJTIydiUyMiUzQSUyMnRydWUlMjIlMkMlMjJ
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:37 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=3a339d15-f4d1-4ee2-8b39-616861940a574172af;Expires=Tue, 05-May-2026 12:33:37 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912417797664
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912417797186
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 63 66 31 33 37 64 30 2d 32 62 39 66 2d 34 62 62 36 2d 61 65 64 64 2d 32 37 62 61 62 34 38 39 62 37 38 62 61 35 34 36 34 30 22 2c 22 67 75 69 64 22 3a 22 33 61 33 33 39 64 31 35 2d 66 34 64 31 2d 34 65 65 32 2d 38 62 33 39 2d 36 31 36 38 36 31 39 34 30 61 35 37 34 31 37 32 61 66 22 2c 22 73 69 64 22 3a 22 36 36 30 35 36 66 36 39 2d 63 63 61 63 2d 34 63 61 65 2d 38 39 37 63 2d 62 38 62 66 66 34 38 63 33 64 65 31 31 39 37 33 63 39 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"dcf137d0-2b9f-4bb6-aedd-27bab489b78ba54640","guid":"3a339d15-f4d1-4ee2-8b39-616861940a574172af","sid":"66056f69-ccac-4cae-897c-b8bff48c3de11973c9"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          105192.168.2.44986344.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3412
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC3412OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4d 44 45 31 4c 6a 63 6c 4d 6b 4d 6c 4d 6a 4a 30 59 57 63 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 30 4c 6a 55 75 4e 44 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 7a 63 6d 4d 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 71 63 79 55 79 4d 69 55 79 51 79 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 64 69 55 79 4d 69 55 7a 51 53 55 79 4d 6e 52 79 64 57 55 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0MDE1LjclMkMlMjJ0YWclMjIlM0ElMjI0LjUuNDMlMjIlMkMlMjJzcmMlMjIlM0ElMjJqcyUyMiUyQyUyMmElMjIlM0ElN0IlMjJhJTIyJTNBJTdCJTIydiUyMiUzQSUyMnRydWUlMjIlMkMlMjJ
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:37 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5;Expires=Tue, 05-May-2026 12:33:37 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912417801506
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912417801277
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 63 30 32 63 36 33 39 2d 38 63 30 32 2d 34 66 34 30 2d 62 39 33 37 2d 66 62 38 64 65 61 62 66 35 35 64 62 65 38 62 37 65 35 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          106192.168.2.44986244.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC606OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3384
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC3384OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 7a 4e 7a 51 78 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EzNzQxJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:37 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:37 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912417812978
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912417812602
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:37 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 63 65 33 31 34 65 66 35 2d 33 32 63 31 2d 34 32 65 34 2d 61 36 61 31 2d 33 39 30 61 30 62 31 32 36 32 39 61 32 37 33 61 35 34 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 63 34 64 31 38 63 66 31 2d 63 61 38 33 2d 34 61 61 32 2d 38 39 33 39 2d 31 39 64 63 31 61 66 32 64 39 31 64 64 62 65 65 31 33 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"ce314ef5-32c1-42e4-a6a1-390a0b12629a273a54","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"c4d18cf1-ca83-4aa2-8939-19dc1af2d91ddbee13"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          107192.168.2.449858104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:38 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tL0OJWDKEnsFu2NrVRfu6vDAps7nhpnKdOADhfbKqgMIOINlCX3obYCsqeucWIrSikq%2FCKV0WQ%2FtayC8L%2FivWhZ7KMwD7z3P5Yz%2Fp%2FyQMmN4818rM5H1tw%2FvvvI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c295bd76387a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC541INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20
                                                                                                                                                                                                                          Data Ascii: avbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1369INData Raw: 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a
                                                                                                                                                                                                                          Data Ascii: et #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC592INData Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61
                                                                                                                                                                                                                          Data Ascii: ground-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-a
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          108192.168.2.449868104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1020INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptDRreSFrKRDPnvOcHlw0eKAuohogDq%2B3fZvZaRn9weRU%2FY3C3lYgbySdgC%2B4utkvLLUVhTXgPOgd7liP%2Bg2M%2BBYThGHbgcmLovh3dW3QmUQ48OKUbE1L5c5q3A%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c29829ca3aee-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          109192.168.2.44986544.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 6a 5a 6a 45 7a 4e 32 51 77 4c 54 4a 69 4f 57 59 74 4e 47 4a 69 4e 69 31 68 5a 57 52 6b 4c 54 49 33 59 6d 46 69 4e 44 67 35 59 6a 63 34 59 6d 45 31 4e 44 59 30 4d 43 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6a 59 32 4d 44 55 32 5a 6a 59 35 4c 57 4e 6a 59 57 4d 74 4e 47 4e 68 5a 53 30 34 4f 54 64 6a 4c 57 49 34 59 6d 5a 6d 4e 44 68 6a 4d 32 52 6c 4d 54 45 35 4e 7a 4e 6a 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRjZjEzN2QwLTJiOWYtNGJiNi1hZWRkLTI3YmFiNDg5Yjc4YmE1NDY0MCUyMiUyQyUyMnNpZCUyMiUzQSUyMjY2MDU2ZjY5LWNjYWMtNGNhZS04OTdjLWI4YmZmNDhjM2RlMTE5NzNjOSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5;Expires=Tue, 05-May-2026 12:33:38 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912418743141
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912418742696
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 63 66 31 33 37 64 30 2d 32 62 39 66 2d 34 62 62 36 2d 61 65 64 64 2d 32 37 62 61 62 34 38 39 62 37 38 62 61 35 34 36 34 30 22 2c 22 67 75 69 64 22 3a 22 32 63 30 32 63 36 33 39 2d 38 63 30 32 2d 34 66 34 30 2d 62 39 33 37 2d 66 62 38 64 65 61 62 66 35 35 64 62 65 38 62 37 65 35 22 2c 22 73 69 64 22 3a 22 36 36 30 35 36 66 36 39 2d 63 63 61 63 2d 34 63 61 65 2d 38 39 37 63 2d 62 38 62 66 66 34 38 63 33 64 65 31 31 39 37 33 63 39 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"dcf137d0-2b9f-4bb6-aedd-27bab489b78ba54640","guid":"2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5","sid":"66056f69-ccac-4cae-897c-b8bff48c3de11973c9"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          110192.168.2.44986644.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 68 59 54 4e 6a 59 7a 55 79 4c 54 49 34 4d 7a 51 74 4e 47 56 68 4d 53 31 68 4e 44 5a 6a 4c 54 55 33 59 6a 63 32 4e 54 5a 6a 5a 57 5a 69 4f 54 63 35 4d 44 4a 6c 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 56 6a 5a 6a 52 6c 5a 6a 63 31 4c 54 4d 32 4e 57 4d 74 4e 44 63 35 4d 79 31 69 4d 47 55 32 4c 57 4d 35 4e 44 51 33 4f 54 67 33 4e 54 67 35 4e 6a 68 68 4d 6d 45 32 4e 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRhYTNjYzUyLTI4MzQtNGVhMS1hNDZjLTU3Yjc2NTZjZWZiOTc5MDJlOSUyMiUyQyUyMnNpZCUyMiUzQSUyMmVjZjRlZjc1LTM2NWMtNDc5My1iMGU2LWM5NDQ3OTg3NTg5NjhhMmE2NSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:38 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912418761708
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912418761359
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          111192.168.2.449870104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912417 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912410.47.0.0; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDcU8qterOUKehv821YekUeqkp0ccCVmUh5rgsoFIfxhLPdvRPOlxsZchInX2l0A%2BtrL6z84ak2hKD9Sqqs9DMlhvZJTldGmr9KuypI7Xv4Oj9aAM%2BTZ9zwZXKc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c298994c079c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          112192.168.2.449869142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912417432&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1653 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          113192.168.2.44986744.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          114192.168.2.449872142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912417432&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=1854 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          115192.168.2.449871142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC1682OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912417432&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tf [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          116192.168.2.44987344.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=2c02c639-8c02-4f40-b937-fb8deabf55dbe8b7e5
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:40 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          117192.168.2.449874198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC334OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC4582INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:40 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          Set-Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; domain=stripe.com; path=/; expires=Sat, 03 Aug 2024 12:33:40 GMT; secure; SameSite=Lax
                                                                                                                                                                                                                          Set-Cookie: __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC11802INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 61 3d 22 61 6c 6c 22 7d 29 7d 29 2e 6f 62 73 65 72 76 65 28 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 2c 7b 63 68 69 6c 64 4c 69 73 74 3a 21 30 7d 29 2c 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 28 29 3d 3e 7b 66 6f 72 28 63 6f 6e 73 74 20 65 20 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 6c 69 6e 6b 5b 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 5d 22 29 29 22 61 6c 6c 22 21 3d 3d 65 2e 6d 65 64 69 61 26 26 28 65 2e 6d 65 64 69 61 3d 22 61 6c 6c 22 29 7d 29 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f
                                                                                                                                                                                                                          Data Ascii: a="all"})}).observe(document.head,{childList:!0}),document.addEventListener("DOMContentLoaded",()=>{for(const e of document.querySelectorAll("link[data-js-lazy-style]"))"all"!==e.media&&(e.media="all")});</script> <link rel="preconnect" href="https:/
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 2d 20 34 70 78 29 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 3a 72 65 64 75 63 65 29 7b 2e 4d 6f 62 69 6c 65 4d 65 6e 75 7b 2d 2d 74 72 61 6e 73 69 74 69 6f 6e 44 75 72 61 74 69 6f 6e 3a 31 6d 73 7d 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 63 61 72 64 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 68 65 61 64 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 36 32 70 78 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 32 30 70 78 3b
                                                                                                                                                                                                                          Data Ascii: - 4px)}}@media (prefers-reduced-motion:reduce){.MobileMenu{--transitionDuration:1ms}}.MobileMenu__card{position:relative}.MobileMenu__header{position:relative;min-height:62px}.MobileMenu__logo{--userLogoColor:var(--accentColor);position:absolute;top:20px;
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 2d 2d 73 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 42 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 29 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 38 70 78 3b 6c 65 66 74 3a 35 30 25 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 36 70 78 3b 77 69 64 74 68 3a 31 32 70 78 3b 68 65 69 67 68 74 3a 31 32 70 78 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 70 78 20 30 20
                                                                                                                                                                                                                          Data Ascii: <style>.SiteHeaderArrow{--siteHeaderArrowBackgroundColor:var(--cardBackground);position:absolute;top:8px;left:50%;margin:0 0 0 -6px;width:12px;height:12px;transform:translateY(12px) translateX(var(--siteMenuArrowOffset)) rotate(45deg);border-radius:3px 0
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 53 69 7a 65 3a 37 32 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 66 72 2d 61 75 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 66 72 2d 67 62 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 66 72 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 36 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 34 31 39 2d 61 75 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 34 31 39 2d 67 62 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61
                                                                                                                                                                                                                          Data Ascii: Size:72px}.MktRoot[lang=fr-au] .HomepageHeroHeader,.MktRoot[lang=fr-gb] .HomepageHeroHeader,.MktRoot[lang=fr-us] .HomepageHeroHeader{--titleFontSize:76px}.MktRoot[lang=es-419-au] .HomepageHeroHeader,.MktRoot[lang=es-419-gb] .HomepageHeroHeader,.MktRoot[la
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 20 36 30 70 78 7d 2e 46 61 63 65 2e 69 73 2d 63 68 65 63 6b 65 64 20 2e 46 61 63 65 5f 5f 63 68 65 63 6b 20 70 61 74 68 7b 73 74 72 6f 6b 65 2d 64 61 73 68 6f 66 66 73 65 74 3a 30 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 2e 34 73 7d 2e 46 61 63 65 2e 69 73 2d 63 68 65 63 6b 65 64 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 46 61 63 65 2e 69 73 2d 61 63 74 69 76 65 20 70 61 74 68 2c 2e 46 61 63 65 2e 69 73 2d 61 63 74 69 76 65 20 72 65 63 74 7b 73 74 72 6f 6b 65 3a 23 30 32 37 38 66 63 7d 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 2e 32 35 73 20 65 61 73 65 2d 6f 75 74 7d 2e 46 61 63 65 20 73 76 67 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 30
                                                                                                                                                                                                                          Data Ascii: 60px}.Face.is-checked .Face__check path{stroke-dashoffset:0;transition:.4s}.Face.is-checked .Face__phone{opacity:0!important}.Face.is-active path,.Face.is-active rect{stroke:#0278fc}.Face__phone{transition:.25s ease-out}.Face svg{position:absolute;left:0
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 36 36 3b 2d 2d 69 6e 70 75 74 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 36 66 39 66 63 3b 2d 2d 63 68 65 63 6b 62 6f 78 49 6e 70 75 74 42 61 63 6b 67 72 6f 75 6e 64 3a 23 65 37 65 63 66 31 3b 2d 2d 69 6e 70 75 74 50 6c 61 63 65 68 6f 6c 64 65 72 43 6f 6c 6f 72 3a 23 37 32 37 66 39 36 3b 2d 2d 69 6e 70 75 74 54 65 78 74 43 6f 6c 6f 72 3a 23 30 61 32 35 34 30 3b 2d 2d 69 6e 70 75 74 45 72 72 6f 72 41 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 35 39 39 36 3b 2d 2d 61 6e 6e 6f 74 61 74 69 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 6d 61 73 6b 46 61 64 65 43 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 34 29 3b 2d 2d 6e 61 76 43 6f 6c 6f 72 3a 23 30 61 32 35 34 30 3b 2d 2d 6e 61 76 48 6f 76 65 72 43 6f 6c 6f 72 3a 23 30 61 32 35 34 30 3b 2d 2d
                                                                                                                                                                                                                          Data Ascii: 66;--inputBackground:#f6f9fc;--checkboxInputBackground:#e7ecf1;--inputPlaceholderColor:#727f96;--inputTextColor:#0a2540;--inputErrorAccentColor:#ff5996;--annotationColor:#8c9eb1;--maskFadeColor:rgba(0,0,0,0.4);--navColor:#0a2540;--navHoverColor:#0a2540;--
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 6b 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 20 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 38 30 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 66 66 65 65 62 32 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 66 62 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 61 63 63 65 6e 74 2d 2d 50 69 6e 6b 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 20 2e 61 63 63 65 6e 74 2d 2d 50 69 6e 6b 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 33 36 33 66 33 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 50 69 6e 6b 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61
                                                                                                                                                                                                                          Data Ascii: k,.flavor--Sunset .theme--Dark{--blendBackground:#ff80ff;--blendIntersection:#ffeeb2;--blendForeground:#fb0}.flavor--Sunset.accent--Pink,.flavor--Sunset .accent--Pink{--accentColor:#f363f3}.flavor--Sunset.theme--Dark.accent--Pink,.flavor--Sunset.theme--Da
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 47 72 61 70 68 69 63 46 6f 72 6d 2d 37 64 37 35 62 38 62 61 37 32 65 30 33 30 34 64 61 38 32 63 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 50 61 79 6d 65 6e 74 4c 69 6e 6b 73 46 65 61
                                                                                                                                                                                                                          Data Ascii: l="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/GraphicForm-7d75b8ba72e0304da82c.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/PaymentLinksFea
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC16384INData Raw: 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 43 6f 6e 6e 65 63 74 69 6f 6e 2d 4e 46 32 54 49 48 49 52 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 52 6f 74 61 74 69 6e 67 47 72 61 64 69 65 6e 74 2d 54 45 36 4c 33 59 56 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72
                                                                                                                                                                                                                          Data Ascii: ://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorConnection-NF2TIHIR.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/RotatingGradient-TE6L3YVQ.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/Fr


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          118192.168.2.449875192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC691OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1943&rand=0.41106217824244795 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:40 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          119192.168.2.44987644.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:40 UTC391OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:41 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          120192.168.2.449877198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:41 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          121192.168.2.449880104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:41 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InF4BZ2zn%2Fc7FotZqUku7V%2FB6QiK2Upjo3h2VU9lVX3VOChm09pplS4sf82cK27ftZJkI%2B5Wzj2MicfLqnVtcCD8IvdpLsagJt9ZJ7XXRH3jRMkOVuPKn8anQqc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2abe88f5a63-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          122192.168.2.449881192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC461OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1943&rand=0.41106217824244795 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:41 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          123192.168.2.44987944.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:42 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          124192.168.2.44987844.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3508
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC3508OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4d 43 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0MCUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQlMjI
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:42 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:42 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912422078501
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912422078175
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          125192.168.2.449882198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:41 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:42 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          126192.168.2.44988344.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:42 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          127192.168.2.449885198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:42 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          128192.168.2.44988444.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:42 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 68 59 54 4e 6a 59 7a 55 79 4c 54 49 34 4d 7a 51 74 4e 47 56 68 4d 53 31 68 4e 44 5a 6a 4c 54 55 33 59 6a 63 32 4e 54 5a 6a 5a 57 5a 69 4f 54 63 35 4d 44 4a 6c 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 56 6a 5a 6a 52 6c 5a 6a 63 31 4c 54 4d 32 4e 57 4d 74 4e 44 63 35 4d 79 31 69 4d 47 55 32 4c 57 4d 35 4e 44 51 33 4f 54 67 33 4e 54 67 35 4e 6a 68 68 4d 6d 45 32 4e 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRhYTNjYzUyLTI4MzQtNGVhMS1hNDZjLTU3Yjc2NTZjZWZiOTc5MDJlOSUyMiUyQyUyMnNpZCUyMiUzQSUyMmVjZjRlZjc1LTM2NWMtNDc5My1iMGU2LWM5NDQ3OTg3NTg5NjhhMmE2NSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:43 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:43 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912423055187
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912423054784
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:43 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          129192.168.2.44988644.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:44 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:44 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:44 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:44 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          130192.168.2.449887142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:45 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912417432&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=7101 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:45 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:45 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          131192.168.2.449889104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:45 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:46 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehyvbJmEBXOhMTrnYCufv%2FMNpGVUOR08uuRdx3eO%2B1J6mWKEu7XwFRAhjkQ%2F3S9hvZH3B7zsoTjAGn1nXw%2Fc6Xb1IvxsfBMcxHEurgOGhHBCKxcHaW0xQxw3iwc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2c6caa9209a-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                          Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                          Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                          Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                          Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                          Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                          Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                          Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          132192.168.2.449890198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:46 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          133192.168.2.44989144.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          134192.168.2.449888104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC826INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:47 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgXja3hr6txum%2BSispXH29HpRTq45ueLKeYKpaV2qWsusVws%2FbkNySJ55IPurajTliGLSb59khfFDlNPRDDF9p%2ByO9x3p9gJakbcua74d9cneQL%2BBsim1%2Ffl4Wk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2cc390d0a7d-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC543INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1369INData Raw: 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61
                                                                                                                                                                                                                          Data Ascii: bar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .a
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1369INData Raw: 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f
                                                                                                                                                                                                                          Data Ascii: #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:ho
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC590INData Raw: 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74
                                                                                                                                                                                                                          Data Ascii: ound-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-act
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          135192.168.2.449892198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:46 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          136192.168.2.449893104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTWsUybHHtSI%2Buyqa7EyxEIIeh%2FTKjec%2BWvctseIx7zbcPdKbCFTC3rA3DMiFHZYfcLZRsFkVfbT9tem2jGUShtPug%2FhwcKuoceYhdUK3tDoYZx0JwwA5NZOy0U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2cea9c60957-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          137192.168.2.449894142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912426112&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1962 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          138192.168.2.449895104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912426 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912417.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGREVqHkAJTNHZCf2c5%2Fiu0TDE3UUj03dfmyA%2BYveSELJR61G9DJLo0jYulU%2BXdKLbqnE8NMvV47Z6cmZFYu16KEBqszhvKvp4y6R%2BwmS00KH%2BzTKPqtn469vdM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2ceee9e28a2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          139192.168.2.449897142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912426112&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=2175 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          140192.168.2.449896142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912426112&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          141192.168.2.449898198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:48 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:48 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:48 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:48 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:48 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          142192.168.2.449899192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC689OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2309&rand=0.757336543097145 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:47 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:47 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          143192.168.2.449900104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:49 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:49 UTC811INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:49 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFxUuLRFJnDaiF4n1jlWPCiJWT%2FYace2tSlJ3CfETiWIOW4mkZdXTNJcBA6QJMQ3wwQopaOmpM3CqaDxeV19yBs3HrbwAdu9J01YkTE17F6G826eriBpstnAXF8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2daab6259aa-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:49 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          144192.168.2.449902192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:50 UTC459OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=2309&rand=0.757336543097145 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:50 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:50 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:50 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          145192.168.2.44990144.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:50 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3512
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:50 UTC3512OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 34 4d 53 34 7a 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E4MS4zJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:50 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:50 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912430920029
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912430919709
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          146192.168.2.44990344.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:51 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          147192.168.2.449904198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:51 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:52 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          148192.168.2.449905104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:52 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1041INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:53 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VeROFUUc9K3sJ0DB9xQaoUjIE0PvCDrVZEJMwima%2FxF0XcvkOowcqIHdOLG75a%2B7e23jcDJyQeidw6hCcuCLtzaW5Hf%2FDy%2FPurC7276jnRBp7%2FuH1KH5eI1%2FNV8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2eda8b0396d-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC328INData Raw: 37 62 61 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba3<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f
                                                                                                                                                                                                                          Data Ascii: viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="ro
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65
                                                                                                                                                                                                                          Data Ascii: deQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'obje
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: sterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29
                                                                                                                                                                                                                          Data Ascii: https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker()
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20
                                                                                                                                                                                                                          Data Ascii: rrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65
                                                                                                                                                                                                                          Data Ascii: roperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefine
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: ters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = funct
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC1369INData Raw: 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30
                                                                                                                                                                                                                          Data Ascii: =r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          149192.168.2.449906104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:53 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC818INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:54 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:33:54 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjRqkjws9nVYUT03V50ZopgPua4MQqn2mSwKtyC2aVPpJ0KdmW8I5eBbNkKqSrmnMPAP0fQbDMiO5H2xv1mJfKvKsl8d2Z%2BUSyzYkvgOpRqfPFXnFNKvwVqhPkg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2f759da242b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC551INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC1369INData Raw: 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 3a
                                                                                                                                                                                                                          Data Ascii: ult .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active a:
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC1369INData Raw: 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61 2e 62
                                                                                                                                                                                                                          Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a.b
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC582INData Raw: 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e 65 64
                                                                                                                                                                                                                          Data Ascii: or: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .ed
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          150192.168.2.449907104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912432 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC739INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:54 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzfBXclOhO0G2YdxWz0ZeMmKHCRHoPF4yj53kaTgEvIhx4M90ETyR4L5IAZeQyMQckfx7ZQWhXP5P1zdcDcDIyJp8FvF%2F7TBYmSRaqpenKVmCYpHE6pFhwgUqrs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2faac015935-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          151192.168.2.449908104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912426.31.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jr9hwgJ%2Fr2Bg5baMQwVdd2HYBHh9OmMb3T8qcoBumnps6QjZDEW4eo%2FzI%2BRsBs5DYpkh9V6YedH%2FkAmclDKhPExNKBC2eXgtbtKMIqR3tctFcYdp1OpbIIcHDoA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c2fcdeb02423-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          152192.168.2.449909142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2533 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:54 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          153192.168.2.449911142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:54 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912426112&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=7263 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:54 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          154192.168.2.449912142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=3033 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          155192.168.2.449913142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          156192.168.2.44991040.68.123.157443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A2tp3zbaFOOWXvO&MD=VZaYXHLT HTTP/1.1
                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                          ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                                                                                                                                                          MS-CorrelationId: 32988ca3-cc7b-421a-8e02-e1b36f278eff
                                                                                                                                                                                                                          MS-RequestId: ef7051d1-9d00-4180-b944-ff93d6286fed
                                                                                                                                                                                                                          MS-CV: LOjAf69g+UCMBKNK.0
                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 2160
                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:54 GMT
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Length: 25457
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                                                                                                                                                                                                                          Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                                                                                                                                                                                                                          Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          157192.168.2.449914192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3138&rand=0.2663419028316665 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          158192.168.2.449916104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:58 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOPDUjgZcgIU%2BnKH%2FjcXFrL0UFnmriegDroaG6JFPqs%2FZb2bSFVv%2FxZicFEnS9fs77PzT2n5g0vHyJYy4044VrySWAW1Q3EUN8Q6o%2FRhYq7sh5LvWclrsUZBWcI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3031dc93ae1-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          159192.168.2.449917192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3138&rand=0.2663419028316665 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          160192.168.2.44991544.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3492
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:55 UTC3492OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4d 43 34 7a 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0MC4zJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:33:56 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:55 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:55 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912435941592
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912435941279
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:56 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          161192.168.2.44991844.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:57 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:33:57 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:57 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:57 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          162192.168.2.449919198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:58 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:33:58 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          163192.168.2.44992044.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:59 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:33:59 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 68 59 54 4e 6a 59 7a 55 79 4c 54 49 34 4d 7a 51 74 4e 47 56 68 4d 53 31 68 4e 44 5a 6a 4c 54 55 33 59 6a 63 32 4e 54 5a 6a 5a 57 5a 69 4f 54 63 35 4d 44 4a 6c 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 56 6a 5a 6a 52 6c 5a 6a 63 31 4c 54 4d 32 4e 57 4d 74 4e 44 63 35 4d 79 31 69 4d 47 55 32 4c 57 4d 35 4e 44 51 33 4f 54 67 33 4e 54 67 35 4e 6a 68 68 4d 6d 45 32 4e 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRhYTNjYzUyLTI4MzQtNGVhMS1hNDZjLTU3Yjc2NTZjZWZiOTc5MDJlOSUyMiUyQyUyMnNpZCUyMiUzQSUyMmVjZjRlZjc1LTM2NWMtNDc5My1iMGU2LWM5NDQ3OTg3NTg5NjhhMmE2NSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:33:59 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:33:59 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:33:59 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912439699328
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912439698720
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:33:59 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          164192.168.2.449921104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:33:59 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:00 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyTNNiDQdrKh3A%2Bz%2BCmbJAvgNptYzve2PcBu8Uc3eBG9GFzZgGwNFupE1Ia0ExA7%2Brlcrallxu4nnbdrca%2FR8yDeJLcZGpyRDKaZHWGFRcLRPWwBEzpAopn1NBI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c31ebde1879b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                          Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                          Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                          Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                          Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                          Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                          Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                          Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          165192.168.2.449924142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912432915&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=8277 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:00 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          166192.168.2.44992344.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:00 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:00 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          167192.168.2.449922104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:02 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:02 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ft0lmqTpJZIV0xZsGwWbhXZ2ijbFYNE2Xmm23LhqdzXWHUZzbY1bU9uTfo%2BcOggIplG9ISaM6bXoL5%2BacigLYeQ5t1kIXtivoRkFY5q%2B5UYOCSu0prO1ZnAibEQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c32d4eb18197-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC547INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC1369INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .activ
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC1369INData Raw: 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                          Data Ascii: 0;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC586INData Raw: 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c
                                                                                                                                                                                                                          Data Ascii: -color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active,
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          168192.168.2.449925104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:02 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87fhyN0VmtnFLTkZP7HdT%2BD%2BvRT5Pb%2FWMcQSJXttLSCTTb8ys8gpzkOYENXinhAFlNCxPUjXuQm8BdIjJnEGl%2Fxot2mHodeDl7C4m7B19RHlEUtfGzAmQKK8iGM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3316cb76fd1-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          169192.168.2.449927104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912440 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912434.23.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC751INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEo7L3XqHZV0jjMnJDVJvK%2Fp6m6OxsbEJBclpOSdYa%2FuNFe8eUUj4gQ4%2F%2B%2FjtUcUJatyD%2B0gjdLBBvNgSZBWRYwkcHqdmqzN6cl4ADDGwiAxLFQVkJaf9x%2FoKzw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c331fa903b29-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          170192.168.2.449926142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912441443&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=3088 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          171192.168.2.449928142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912441443&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=3212 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          172192.168.2.449929142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC1682OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912441443&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tf [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          173192.168.2.449930198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          174192.168.2.449931192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3224&rand=0.7777739801533385 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:03 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          175192.168.2.449932104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC813INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:04 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfP5bV%2Bg7JHzHDOg0ptrnrSwFJisPFvMykrRJa8JIqOGpCJdsfDltumVa4JH9pTLCPMVW5VrryNsLWZcAydu5rcSsk19cJn%2Fy9G86ovXv4jjL2nifIgVHOxiX60%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c335fc918263-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          176192.168.2.449934192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:03 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3224&rand=0.7777739801533385 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:04 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          177192.168.2.44993344.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3508
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC3508OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 79 34 7a 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNy4zJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:04 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:04 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912444322432
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912444321940
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          178192.168.2.44993544.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:04 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:05 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:05 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:05 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          179192.168.2.449936104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:07 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1035INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyTw0fwrss6ag73kAHB7DV6Oq9ZE09%2BAC53nZRJiWRitZ%2Fud6nugG5YUH3eL3nXQnMZmX%2FPwi5XLuumSPz3ZWiKQcYS8DDo1YCoYJt68OBhieBQfQuHjLqrh7CQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c34d3bb05a8e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC334INData Raw: 37 62 61 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba9<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20
                                                                                                                                                                                                                          Data Ascii: rt" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots"
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f
                                                                                                                                                                                                                          Data Ascii: y === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ?
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72
                                                                                                                                                                                                                          Data Ascii: sightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {par
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: ://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09
                                                                                                                                                                                                                          Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a
                                                                                                                                                                                                                          Data Ascii: y(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70
                                                                                                                                                                                                                          Data Ascii: {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (p
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35
                                                                                                                                                                                                                          Data Ascii: )}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          180192.168.2.449939198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:07 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:07 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          181192.168.2.44993844.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:07 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:07 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 68 59 54 4e 6a 59 7a 55 79 4c 54 49 34 4d 7a 51 74 4e 47 56 68 4d 53 31 68 4e 44 5a 6a 4c 54 55 33 59 6a 63 32 4e 54 5a 6a 5a 57 5a 69 4f 54 63 35 4d 44 4a 6c 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 56 6a 5a 6a 52 6c 5a 6a 63 31 4c 54 4d 32 4e 57 4d 74 4e 44 63 35 4d 79 31 69 4d 47 55 32 4c 57 4d 35 4e 44 51 33 4f 54 67 33 4e 54 67 35 4e 6a 68 68 4d 6d 45 32 4e 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRhYTNjYzUyLTI4MzQtNGVhMS1hNDZjLTU3Yjc2NTZjZWZiOTc5MDJlOSUyMiUyQyUyMnNpZCUyMiUzQSUyMmVjZjRlZjc1LTM2NWMtNDc5My1iMGU2LWM5NDQ3OTg3NTg5NjhhMmE2NSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:08 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912448077693
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912448077190
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          182192.168.2.449937104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:08 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4vqV6wOslq8ebV6Gn8IqGq%2B4swLHAf%2FCN1s50Vr8PdU6o1xWAbBVgwwdnd31EiJDsi6q2n07cyTpFNAg3GtLgJcTMejHJh6s58WGTvTtcIvniVibVmrXuZhWqY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3524e3857be-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC549INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20
                                                                                                                                                                                                                          Data Ascii: fault .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1369INData Raw: 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61
                                                                                                                                                                                                                          Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC584INData Raw: 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e
                                                                                                                                                                                                                          Data Ascii: olor: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          183192.168.2.449941142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912441443&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=8523 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          184192.168.2.44994044.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          185192.168.2.449942104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912447.10.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC1016INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5tfBukFH%2BdEe8Jm6MtUvesTL8rYAlNl2N4H7DO8gdRLu%2Fj9HMCySYyCpdvkTff5uxtm683wzoyhvOUUB2wD4MKsWQbIMezg9Rieorok%2B78gY5UkhgDMZl0aytQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c354ef90209c-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          186192.168.2.449943142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912447603&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1694 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          187192.168.2.449944104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912447 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912442.15.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:08 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiIcqrOqwiYM8w5QXHS%2BqIX6mKVnQBnYfjKUFP3iecm7Sx9gObmCbQZ7I18%2B6y1aZBhtVESVr7md2VLEZ6SxKM1eheJrczEcvOlD5%2BhDy14nQ736h6rUSccVgvI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3556ebd82f6-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          188192.168.2.449945142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912447603&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=1940 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          189192.168.2.449946142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:08 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912447603&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          190192.168.2.449947198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          191192.168.2.449948192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1960&rand=0.9310427983388707 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          192192.168.2.449950104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC647OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC813INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:09 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAQFQit1Tz7fL%2FqpDATZreYw6Er4pROPCQmvXvYibgUcb5Ov7ajeKnCN8OMIwunas88MyjFwlFWknY0jYvbAfR%2BPANT5Uw1PwFLbjj1pZRfPy5lt1MKYuNDjkYE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3595b2c6fe0-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:09 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          193192.168.2.44994944.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:10 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3508
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:10 UTC3508OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 32 4f 53 34 30 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E2OS40JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:10 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:10 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912450951711
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912450951205
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          194192.168.2.449952192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1960&rand=0.9310427983388707 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:11 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          195192.168.2.44995144.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:11 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:12 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          196192.168.2.449953198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:12 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:12 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          197192.168.2.449954104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:13 UTC996OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1031INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:14 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqGik3bDBkd9tiK1Pu6c97tsTHk8aPW0lp0kqZVrSFGnBqndTtSbGnq9OGaVfPnTU%2F24j8bt5PFFeegFA5blZXkJOIQ51mtMqbnrWm8YB3N1Ja5poAE5QSywmBg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3734bcc07b3-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC338INData Raw: 37 62 61 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7bad<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74
                                                                                                                                                                                                                          Data Ascii: content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" cont
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e
                                                                                                                                                                                                                          Data Ascii: = 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? Mon
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d 65 74
                                                                                                                                                                                                                          Data Ascii: tsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {paramet
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09 7d 3b
                                                                                                                                                                                                                          Data Ascii: evelopers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();};
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 4f 62
                                                                                                                                                                                                                          Data Ascii: tAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {Ob
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: pIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d
                                                                                                                                                                                                                          Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (param
                                                                                                                                                                                                                          2024-05-05 12:34:14 UTC1369INData Raw: 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62
                                                                                                                                                                                                                          Data Ascii: nction u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          198192.168.2.449955104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC884OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC820INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:17 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8F4xjAQii1g9zjtm3bBtd7HKa7%2B4rqaFGInZBN3jEMONGpDddABreKQtj0DjktNT3RSrF%2FiKcNalqZ3UDt7qNjPt42zUxSqAsd0oYpxrXttpAjxd8P2BStDh0WQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3831e353b71-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC549INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1369INData Raw: 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20
                                                                                                                                                                                                                          Data Ascii: fault .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .active
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1369INData Raw: 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 0a 61
                                                                                                                                                                                                                          Data Ascii: padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,a
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC584INData Raw: 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c 20 2e
                                                                                                                                                                                                                          Data Ascii: olor: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active, .
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          199192.168.2.449957104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC1015OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912455.2.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1022INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4U6UNnhD7BRGwvab4mWhucte9uIhbyrBTvGtPqd%2FHh4qy%2B6Pg1WjKPPXgjsXOiCWKhck6qqA4H%2BXTU31ns%2B2RXMItA%2B%2FLy7GrRQ2vjVoxMzM8HLTLSBuskFUYoA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3855e803b78-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          200192.168.2.449958142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=3034 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:16 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          201192.168.2.449959104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC924OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912453 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912448.9.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:16 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPqMcmUf9UolJj%2Fk%2FsV7VUg1iA%2BzkBC0omg6jaYGzYoOwsM0vxQX5W96nVvGcVLi4sGwaZBLynTtotpUZ%2B84cCPD3Fk7N4KZrwDNqC%2BMMBd61kuoJEVMLr2i3cY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c38619103992-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          202192.168.2.449961142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912447603&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=9557 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:16 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:16 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          203192.168.2.449962104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC647OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912455.2.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC809INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZanlhFzvY4e6toLLeAeLS9XhpSnhrEeB0kMTCaIwMpku8DZ5rnrC5iVBeu1rp0HrmU8Z9egGO3974xc0swaOchtc5kKDxKzzpjIht1Z3ieCGa1RLhleVGqC1Ng%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c38b18e172ed-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          204192.168.2.449963142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=3970 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          205192.168.2.449964142.251.16.1134434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          206192.168.2.449965192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC686OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.607764172633884 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:17 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:17 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          207192.168.2.449967192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC456OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=0&rand=0.607764172633884 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:19 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          208192.168.2.44996644.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3480
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC3480OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4d 79 34 30 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyMy40JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:19 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:19 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912459512324
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912459511954
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:19 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          209192.168.2.44996844.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:20 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:20 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:20 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:20 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          210192.168.2.449969198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:20 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:21 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          211192.168.2.449970104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:21 UTC996OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1041INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:22 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LP%2BbPP%2BdVHCIcxM7BKcFQVXwTUNFUnOtGJ98T9c1xTyXlgXPKkjqVi1LRtljNsLEf0zNO%2BpBnfQ%2BS8a%2FaWJh2KwmouR%2By4qdb18kWUHi4pjnRrHwPWOR9HtmhaE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3a7c95781ee-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC328INData Raw: 37 62 61 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba3<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f
                                                                                                                                                                                                                          Data Ascii: viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="ro
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65
                                                                                                                                                                                                                          Data Ascii: deQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'obje
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: sterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29
                                                                                                                                                                                                                          Data Ascii: https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker()
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20
                                                                                                                                                                                                                          Data Ascii: rrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65
                                                                                                                                                                                                                          Data Ascii: roperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefine
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: ters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = funct
                                                                                                                                                                                                                          2024-05-05 12:34:22 UTC1369INData Raw: 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30
                                                                                                                                                                                                                          Data Ascii: =r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          212192.168.2.449971104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:23 UTC884OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:24 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvKA5%2B%2BnKUTGRFB7ZxYrYU1xdiHnGv96zFGENF8%2FvICNJ7ZDOke9gs3pCCx9UFfaJp2Q4lX9DgG46EIzFlMI2IcZYzHMkKuR9pWfeeax7l%2FU0pUbkHrFPm4uOdk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3b3ffef5b5e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                          Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                          Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          213192.168.2.44997235.190.80.14434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC517OUTOPTIONS /report/v4?s=3ZanlhFzvY4e6toLLeAeLS9XhpSnhrEeB0kMTCaIwMpku8DZ5rnrC5iVBeu1rp0HrmU8Z9egGO3974xc0swaOchtc5kKDxKzzpjIht1Z3ieCGa1RLhleVGqC1Ng%3D HTTP/1.1
                                                                                                                                                                                                                          Host: a.nel.cloudflare.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Request-Method: POST
                                                                                                                                                                                                                          Access-Control-Request-Headers: content-type
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC336INHTTP/1.1 200 OK
                                                                                                                                                                                                                          content-length: 0
                                                                                                                                                                                                                          access-control-max-age: 86400
                                                                                                                                                                                                                          access-control-allow-methods: OPTIONS, POST
                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                          access-control-allow-headers: content-type, content-length
                                                                                                                                                                                                                          date: Sun, 05 May 2024 12:34:23 GMT
                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          214192.168.2.449859151.101.128.1764434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC618OUTGET /v3/?ver=v3 HTTP/1.1
                                                                                                                                                                                                                          Host: js.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          If-None-Match: "2692eab1e562bacee19ab5e8f3b0b448"
                                                                                                                                                                                                                          If-Modified-Since: Sat, 04 May 2024 04:29:46 GMT
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC440INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Via: 1.1 varnish
                                                                                                                                                                                                                          Cache-Control: max-age=60
                                                                                                                                                                                                                          ETag: "2692eab1e562bacee19ab5e8f3b0b448"
                                                                                                                                                                                                                          X-Request-ID: e6342bfc-c1c0-44a6-a6e8-997615164530
                                                                                                                                                                                                                          X-Served-By: cache-ewr18132-EWR
                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                          X-Cache-Hits: 0
                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Timing-Allow-Origin: *


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          215192.168.2.449973104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC924OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912462 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC743INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SrzLRaFd8dLdWeXayITlGBFTnVpWJLzCg3kqrijTfZmLsHiWwB5ejH5NHHPaX79FhuO25dmg5noUuvcxNHlT8PIHceLtTgK8lNmnbj3%2F5LVVjy%2BZkdn9T%2FtzlU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3b77ef53b54-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          216192.168.2.44997435.190.80.14434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC465OUTPOST /report/v4?s=3ZanlhFzvY4e6toLLeAeLS9XhpSnhrEeB0kMTCaIwMpku8DZ5rnrC5iVBeu1rp0HrmU8Z9egGO3974xc0swaOchtc5kKDxKzzpjIht1Z3ieCGa1RLhleVGqC1Ng%3D HTTP/1.1
                                                                                                                                                                                                                          Host: a.nel.cloudflare.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3245
                                                                                                                                                                                                                          Content-Type: application/reports+json
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC3245OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 35 39 38 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 34 30 30 34 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 36 2e 35 2e 31 30 32 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77
                                                                                                                                                                                                                          Data Ascii: [{"age":55983,"body":{"elapsed_time":4004,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.26.5.102","status_code":400,"type":"http.error"},"type":"network-error","url":"https://bitsum.com/w
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC168INHTTP/1.1 200 OK
                                                                                                                                                                                                                          content-length: 0
                                                                                                                                                                                                                          date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          217192.168.2.449975104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1015OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912456.1.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC1022INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdBilOmD7ENT%2BNVqwyWrsJ1g%2BDP99%2FnPtYyNL5F8KPjrfXPqXBI2GeYRN0asodIR6GAFaPx1%2Bs3mTmWG%2F9kZnRyBcxQX6%2FNTL6vnUQvXPxwXrjrMjCRukWyM3IU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3b92c603b96-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          218192.168.2.449977216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1242OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912463067&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2970 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          219192.168.2.449976216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912463067&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=3056 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          220192.168.2.449978216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC1682OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912463067&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tf [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:24 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          221192.168.2.449979192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:24 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          222192.168.2.449980216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC1241OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912455338&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=11391 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          223192.168.2.449982192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3177&rand=0.6102218130973263 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          224192.168.2.449983104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC815INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjDy2m%2FxacTnCngMcpCTfVODROhDFCoylD5LsOOo9XOgrgjoVwPrbjAjrVFIUIGWnWaqFMjRB%2F3FgyKzk2WBOpnQ5OkYgCMOVT%2F2p5zFZuhdUKFdiMQ57fjb34c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3bd7c5781ac-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          225192.168.2.44998144.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3508
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC3508OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 69 34 31 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNi41JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:25 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:25 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912465738127
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 4
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912465737824
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:25 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          226192.168.2.44998444.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:26 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:26 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:26 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:26 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          227192.168.2.449985198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:27 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:28 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          228192.168.2.449986104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:28 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1031INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:29 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIiy%2BG2XA4OjskXgvjCNdKSXYrnVexV0v25t9xUgx0oWeV6Ezc3bx2QVVdsPX4EEyla8K8y6lmPOh6nWSb5nqhcJklU5FvuMKd62ATTDJbWdtsee0ZpPfo50KXY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3d399c056f2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC338INData Raw: 37 62 61 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7bad<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74
                                                                                                                                                                                                                          Data Ascii: content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" cont
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e
                                                                                                                                                                                                                          Data Ascii: = 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? Mon
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d 65 74
                                                                                                                                                                                                                          Data Ascii: tsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {paramet
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09 7d 3b
                                                                                                                                                                                                                          Data Ascii: evelopers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();};
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 4f 62
                                                                                                                                                                                                                          Data Ascii: tAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {Ob
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: pIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d
                                                                                                                                                                                                                          Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (param
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC1369INData Raw: 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62
                                                                                                                                                                                                                          Data Ascii: nction u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          229192.168.2.449987104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:29 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:30 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jy0Wu0fCv1ss0eVO5TAh92OZu43r99UWq3Lceyns6Anf6fEl%2BlXF2OLcAFBUTlmv4CbqUtEJt0YK1fmRlfsBH4XQTOTGnJE4FFqfAeA%2BgaBYArGt%2B5yXcuB7%2FPk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3d8be002430-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                          Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                          Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          230192.168.2.449989104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYPcPcUG8f2jZP3WH3ffev8WMF2hC52eOfkXTDaGYb59s9HIrnoNQlXwPMU2fDpa95DRIM54Qb0vkqNbzaREAHc%2B%2ByXK5QaWI1u%2BACUOcN2WO%2Fcqechi0JHikwc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3db4d4b6fcd-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          231192.168.2.449990104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912469 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912463.60.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC749INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vE%2BASl3N0jpUHzUxauZcmYjBcmZIvZHYKxJJ%2FwOgVeo1aBJj6tPNd9hckTATltIxESl8pd%2FuqpX%2B9vP49lZTlPke%2F1MHyZj1OZpbC7Yi10LrTCWngz%2FunDGBlos%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3db5f228232-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          232192.168.2.449991216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1535 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          233192.168.2.449992216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=1685 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          234192.168.2.449993216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          235192.168.2.449994216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912463067&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=8755 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          236192.168.2.449995192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1784&rand=0.7880681605956541 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:30 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          237192.168.2.449997104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC817INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:31 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRx04nEPepoJs6os8HEJ95RTIzG%2FNssXRmJjJqua%2BisyNQi0MhzDNhivaDKeF2PAzWlj6DCyaDbwndxpmkrb9SPyF%2BUP2DNo%2FKxhGcGwJzXtsU6dGDdFeVgPxX0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3df89940851-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          238192.168.2.44999644.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3504
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4e 53 34 32 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0NS42JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:31 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:31 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912471155064
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912471154742
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          239192.168.2.449998192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:30 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1784&rand=0.7880681605956541 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:31 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:31 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          240192.168.2.44999944.240.201.864434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:34 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:34 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:34 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:34 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          241192.168.2.450000198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:34 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:35 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          242192.168.2.450001216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912469117&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=1&tfd=6702 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:35 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          243192.168.2.450003104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:35 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:36 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AbaHgSMQ2zwW%2BffWrY6GI7ZjVBYsoGoE8%2BNFTY0iGfZfFKdM1FfRHAy1b2nEL1pLCswjaKN9voalPtNRdZ4MMQp9mhQI%2FdFY%2Fi4nxk6hF9IrNnFrfCYPUEeKuY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c3fc5bdf20d7-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC332INData Raw: 37 62 61 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba7<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73
                                                                                                                                                                                                                          Data Ascii: port" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29
                                                                                                                                                                                                                          Data Ascii: ery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object')
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70
                                                                                                                                                                                                                          Data Ascii: InsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {p
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: ps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b
                                                                                                                                                                                                                          Data Ascii: ',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20
                                                                                                                                                                                                                          Data Ascii: rty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined')
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20
                                                                                                                                                                                                                          Data Ascii: ) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function
                                                                                                                                                                                                                          2024-05-05 12:34:36 UTC1369INData Raw: 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63
                                                                                                                                                                                                                          Data Ascii: ]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          244192.168.2.450002104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:37 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:37 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcT4Qc4HFF6axghB4gNZD3h1bX3T4hrECK2AKrYlIbQNNT66zes%2FYMroxfm2P4wHiWFKBlIBnErl763L%2BcduypmsEwcAo%2FW4bB6oIM4O%2F5OTQAlxhnrU55qfIbA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4080e642040-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                          Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                          Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          245192.168.2.450004104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:37 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912475 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC749INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LjI9j8S9qr%2B97hafwMzeNr6h%2FqpRbhuoghqg%2BdqnpLC%2F3cfZWjOJ8Lwcx3ImKu7ddr%2BnXFomQAPkOvi1uXC0n19Fo4vVienLM52%2BVqoueRqeGEcI8f4HpUvca4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c40b8d495aff-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          246192.168.2.450005104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912469.54.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC1016INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vol1fvrnkQwMhp1n5G9uIyBPsvqQf4jcVIzfk2lPbkCZnVgBSk%2BUBzaeBTJI3XTYM3sU4dFhQkN%2BYqpXPKshJyF16I%2FJDq3sK5HB8m4kCR5sy8EpGY4TEFAxHUE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c40dce4d5772-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          247192.168.2.450006216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2944 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          248192.168.2.450008216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=3152 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          249192.168.2.450009216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          250192.168.2.450010192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC691OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:38 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          251192.168.2.450012104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:39 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkOC%2FundHCLLBZtnN3AEWZYFePhTkgMZUK7KAjHULfmTWyjMjeSDNpzNVN6SefTWZGUCC8MY1k2Oi1l4w26Fj5zvTym31oabewCN8x%2FC%2FZa0%2B2UcQvO4LngUdGI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4123c743926-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          252192.168.2.450013192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:38 UTC461OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=3149&rand=0.33416128811766366 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:39 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          253192.168.2.45001144.229.0.334434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3488
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC3488OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 53 34 32 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNS42JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:39 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:39 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912479471879
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912479471568
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:39 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          254192.168.2.45001444.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:41 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:41 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:41 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:41 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          255192.168.2.450016104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:42 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1039INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:43 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6biD%2B23efDa6Lvg%2Fk855705hMkXCsvCLopstHShxeCOabZsPmdMklh2nq7t%2BAxHkG9nyBFk%2BV2ljKEZmJr7d4kwr%2FauWQHmgz7qQDf8i3qIysi9AdZzVQihLWFE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4269be33937-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC330INData Raw: 37 62 61 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba5<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f
                                                                                                                                                                                                                          Data Ascii: ewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robo
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74
                                                                                                                                                                                                                          Data Ascii: Query === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: erInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a
                                                                                                                                                                                                                          Data Ascii: ttps://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69
                                                                                                                                                                                                                          Data Ascii: er',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hi
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27
                                                                                                                                                                                                                          Data Ascii: perty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined'
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f
                                                                                                                                                                                                                          Data Ascii: rs) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = functio
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC1369INData Raw: 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75
                                                                                                                                                                                                                          Data Ascii: [t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\u


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          256192.168.2.450020198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:42 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:43 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          257192.168.2.45001944.229.0.334434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC659OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 796
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC796OUTData Raw: 4a 54 64 43 4a 54 49 79 62 58 56 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 52 68 59 54 4e 6a 59 7a 55 79 4c 54 49 34 4d 7a 51 74 4e 47 56 68 4d 53 31 68 4e 44 5a 6a 4c 54 55 33 59 6a 63 32 4e 54 5a 6a 5a 57 5a 69 4f 54 63 35 4d 44 4a 6c 4f 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 70 5a 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 56 6a 5a 6a 52 6c 5a 6a 63 31 4c 54 4d 32 4e 57 4d 74 4e 44 63 35 4d 79 31 69 4d 47 55 32 4c 57 4d 35 4e 44 51 33 4f 54 67 33 4e 54 67 35 4e 6a 68 68 4d 6d 45 32 4e 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 56 79 62 43 55 79 4d 69 55 7a 51 53 55 79 4d 6d 68 30 64 48 42 7a 4a 54 4e 42 4a 54 4a 47 4a 54 4a 47 5a 48 52 6c 4d 31 70 32 4e 7a 4e 4e 4d 55 78 6b 57 6c 5a 31 63 54 52 51 54 45 31 49 59 6c 42 68 55 32 70 6f 56 6e 6c 30 57 45 6b
                                                                                                                                                                                                                          Data Ascii: JTdCJTIybXVpZCUyMiUzQSUyMmRhYTNjYzUyLTI4MzQtNGVhMS1hNDZjLTU3Yjc2NTZjZWZiOTc5MDJlOSUyMiUyQyUyMnNpZCUyMiUzQSUyMmVjZjRlZjc1LTM2NWMtNDc5My1iMGU2LWM5NDQ3OTg3NTg5NjhhMmE2NSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZHRlM1p2NzNNMUxkWlZ1cTRQTE1IYlBhU2poVnl0WEk
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:43 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:43 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912483330132
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912483329530
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          258192.168.2.45002244.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:44 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          259192.168.2.450015104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:43 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC824INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:44 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:44 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y69jECo2qGsExhSN%2FifeR3NqlYrBe%2BFdpjBn9zeuxrf6OGvYialhdgE4GGpaGsYVXsmufsyuf6IZvdudAu3dj75ro77HXQuSWMMHGJt%2Fru%2F57SFs99Um5FcP2go%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c430da461727-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC545INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC1369INData Raw: 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74
                                                                                                                                                                                                                          Data Ascii: r-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .act
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC1369INData Raw: 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65
                                                                                                                                                                                                                          Data Ascii: 000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hove
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC588INData Raw: 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: nd-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-activ
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          260192.168.2.450023104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912483.40.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC1022INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:44 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCvuvv4QrDIzuS%2B2RS0ru7jeMjLcn5b651%2F9u1T9xSEok%2BnwmuulsZJxsh%2FiWMNJ7%2F1t5FeolOqW99CD%2Fhovr3qFBMRIAyehSEaFX6xPCeJc63cKuNuMqdLn6Wg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4333805062b-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          261192.168.2.450025104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912483 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912477.46.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC747INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:44 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAu%2F9usjOugrOvh6U%2F42dObp6JtgtrOnOwLxy0nCmIn%2BSBBGYGQQ9L7g16LBG9Kf3BAfm4RsNsMp2MeemSxgsyRn3uFiyrB6Bd50RpwpT4Xi%2B8t%2F7l0sO8SrJR0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4338871826f-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          262192.168.2.450024216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912483188&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2191 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:44 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:44 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          263192.168.2.450027216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912476633&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=9099 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:45 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          264192.168.2.450026198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:45 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:45 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          265192.168.2.450029192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4119&rand=0.6201211102575397 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:46 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          266192.168.2.450028216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC1234OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912483188&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=4264 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:46 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          267192.168.2.450030216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC1682OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912483188&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&tf [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:46 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          268192.168.2.450032104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:47 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeTL%2BfvCpfjvHxkOBrbixMl40j03DEpwSDgOIJW7q%2B29h3T5BSLi09NtURtKIYwSIseXUzGX7TcuW6c9NbfAr%2BhwqnMi1Qd0o0%2BH53UEgPsOltac4MKhEEusk%2FY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c44449bb2052-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          269192.168.2.450033192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:46 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=4119&rand=0.6201211102575397 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:47 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          270192.168.2.45003144.229.0.334434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3492
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC3492OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 78 4d 44 67 75 4e 53 55 79 51 79 55 79 4d 6e 52 68 5a 79 55 79 4d 69 55 7a 51 53 55 79 4d 6a 51 75 4e 53 34 30 4d 79 55 79 4d 69 55 79 51 79 55 79 4d 6e 4e 79 59 79 55 79 4d 69 55 7a 51 53 55 79 4d 6d 70 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6d 45 6c 4d 6a 49 6c 4d 30 45 6c 4e 30 49 6c 4d 6a 4a 32 4a 54 49 79 4a 54 4e 42 4a 54 49 79 64 48 4a 31 5a 53 55 79 4d 69 55 79 51 79 55 79 4d 6e 51
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0ExMDguNSUyQyUyMnRhZyUyMiUzQSUyMjQuNS40MyUyMiUyQyUyMnNyYyUyMiUzQSUyMmpzJTIyJTJDJTIyYSUyMiUzQSU3QiUyMmElMjIlM0ElN0IlMjJ2JTIyJTNBJTIydHJ1ZSUyMiUyQyUyMnQ
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:47 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:47 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912487312717
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912487312414
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:47 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          271192.168.2.45003444.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:48 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:48 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:48 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:48 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          272192.168.2.450035104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:50 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1031INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:51 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaezPSKA9qech1a%2FywtYFwoljmBgeC9KjimqzfZk4uruxWuFExh6YAFCC5w33rXGNHQnic1CSGCVoizghuLmQcrVfDyBWqCHeTR7SP0mGpMM9it6uordOFD7QGU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c45b8d228f26-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC338INData Raw: 37 62 61 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7bad<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74
                                                                                                                                                                                                                          Data Ascii: content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="robots" cont
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e
                                                                                                                                                                                                                          Data Ascii: = 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'object') ? Mon
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 09 70 61 72 61 6d 65 74
                                                                                                                                                                                                                          Data Ascii: tsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {paramet
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29 3b 0a 09 09 09 09 09 09 7d 3b
                                                                                                                                                                                                                          Data Ascii: evelopers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker();};
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 4f 62
                                                                                                                                                                                                                          Data Ascii: tAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {Ob
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 68 69 74 3b 0a 09 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: };for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return hit;
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: pIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefined') {
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 70 61 72 61 6d
                                                                                                                                                                                                                          Data Ascii: const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = function (param
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62
                                                                                                                                                                                                                          Data Ascii: nction u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          273192.168.2.450037198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:51 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          274192.168.2.450036104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC822INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:51 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:51 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMwSXW9CnLeNKn%2BFFhFq5gcRFE3Zg%2FUfuh2GBDM6Kgpxf6LK0ppCX%2FGvnygEyeSKiuQlkEEKI8B69RLHdHOkmQgxROD0hZa0IAf9MRnxavLEAAWaz2JeAcWuRso%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4612eff082e-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC547INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76
                                                                                                                                                                                                                          Data Ascii: default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav .activ
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1369INData Raw: 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c
                                                                                                                                                                                                                          Data Ascii: 0;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:hover,
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC586INData Raw: 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61 63 74 69 76 65 2c
                                                                                                                                                                                                                          Data Ascii: -color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-active,
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          275192.168.2.450038104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccenPVw212MA3p4P%2F8FN%2FirNv6F8gAdj%2BvwYYj4SwwMkbNwwD4zN73Jo1do2u0EHlkCGHcGjvHO5EPgP2YzyL9%2Bv8uuovU70wVDnKVOGmwcJh7dtwX6eaAJAHB8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c463ae350800-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          276192.168.2.450039104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:51 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912491 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912485.38.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC749INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO%2FhN5fQfhaDGIsYw%2FjouVC9NadNauJm49zCHY%2FudkwWvtUmW9TZDfW28SOiqNR1iHUOWsIvVko%2B21fPpF1oyefqj%2FY%2FpgiKtv1KFVfJkqcvM5PiEfJXbevtvAc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c463a8513b2f-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          277192.168.2.450040216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912490931&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1668 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          278192.168.2.450041216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912490931&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=1793 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          279192.168.2.450042216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912490931&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          280192.168.2.450043192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1888&rand=0.7260079474896437 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          281192.168.2.450044216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912483188&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&tfd=10435 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          282192.168.2.450046104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:53 UTC819INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:53 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12V1i6nV5OC8dAW%2BpIx2gRGY57DGzFVVLk6wmQk9LnoivPqb7EZwQhfVY9olH72WwvG%2FzmiSd5%2BR%2B23YtakKnu%2F7pla61ZpAKmOT0VlfzL9R5EPvQfCk7oVG08s%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4684c393979-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:53 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          283192.168.2.450047192.0.76.34434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1888&rand=0.7260079474896437 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:52 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          284192.168.2.45004544.229.0.334434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3504
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:52 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 79 4e 69 34 33 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0EyNi43JTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:53 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:53 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:53 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912493138762
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 2
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912493138448
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:53 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          285192.168.2.45004844.237.131.1214434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:56 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          286192.168.2.450049198.202.176.814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC553OUTGET / HTTP/1.1
                                                                                                                                                                                                                          Host: stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9; __Host-stripe.mkt.csrf=PUzP9V9PYTZLsnWHgYbYpvGCkVN0N1V1pTa7cD2y0qOiYfqKQIh1Ee7N0UkVJDXvuI70pThx5Q9PikWyJwZSZjw-AcAXe4aLRW0FK4DudC9ZBA7ZflSssWUgUx-lW2YO7y6yUYc7KA%3D%3D
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC4216INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:56 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                          Content-Length: 2253471
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Content-Security-Policy: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://stripe.com ht [TRUNCATED]
                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: report-uri /csp-report?p=; block-all-mixed-content; default-src 'none'; base-uri 'none'; img-src 'self' https://b.stripecdn.com https://q.stripe.com https://stripe-camo.global.ssl.fastly.net https://images.ctfassets.net https://assets.ctfassets.net data:; style-src 'unsafe-inline' 'self' https://b.stripecdn.com; connect-src 'self' https://stripe.com blob: https://stripe-images.s3.us-west-1.amazonaws.com https://errors.stripe.com https://b.stripecdn.com https://climate.stripe.com https://ext.stripe.com https://r.stripe.com https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners https://sales-live-chat.stripe.com https://y4pfttj91h-dsn.algolia.net/1/indexes/mkt_partners/query https://y4pfttj91h-1.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-2.algolianet.com/1/indexes/mkt_partners/query https://y4pfttj91h-3.algolianet.com/1/indexes/mkt_partners/query; font-src 'self' https://b.stripecdn.com; form-action 'self' https://s [TRUNCATED]
                                                                                                                                                                                                                          Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop"
                                                                                                                                                                                                                          Report-To: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
                                                                                                                                                                                                                          Reporting-Endpoints: coop="https://q.stripe.com/coop-report"
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-Mkt-Cache: HIT
                                                                                                                                                                                                                          X-Wis-Cache-Control: max-age=300
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC12168INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 63 6c 61 73 73 3d 22 4d 6b 74 52 6f 6f 74 22 0a 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 0a 20 20 64 61 74 61 2d 6a 73 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 50 61 67 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 69 64 3d 22 48 6f 6d 65 22 0a 20 20 64 61 74 61 2d 70 61 67 65 2d 74 69 74 6c 65 3d 22 53 74 72 69 70 65 20 7c 20 46 69 6e 61 6e 63 69 61 6c 20 49 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 66 6f 72 20 74 68 65 20 49 6e 74 65 72 6e 65 74 22 0a 20 20 64 61 74 61 2d 6c 6f 61 64 69 6e 67 0a 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 5f 5f 63 61 70 74 75 72 65 64 45 72 72 6f 72 73 20 3d 20 5b 5d 3b 0a 77 69 6e 64 6f 77 2e 6f 6e 65 72
                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class="MktRoot" lang="en-US" data-js-controller="Page" data-page-id="Home" data-page-title="Stripe | Financial Infrastructure for the Internet" data-loading> <head> <script>window.__capturedErrors = [];window.oner
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC16384INData Raw: 64 20 2e 53 65 63 74 69 6f 6e 5f 5f 6c 61 79 6f 75 74 7b 2d 2d 73 65 63 74 69 6f 6e 50 61 64 64 69 6e 67 54 6f 70 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 53 69 74 65 48 65 61 64 65 72 7b 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 3a 32 35 30 6d 73 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 53 70 61 63 69 6e 67 3a 31 33 70 78 3b 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 3a 30 3b 2d 2d 75 73 65 72 4c 6f 67 6f 43 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6e 61 76 43 6f 6c 6f 72 29 3b 2d 2d 74 61 62 6c 65 74 4f 76 65 72 6c 61 79 44 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a
                                                                                                                                                                                                                          Data Ascii: d .Section__layout{--sectionPaddingTop:0}</style><style>.SiteHeader{--siteMenuTransition:250ms;--siteMenuArrowSpacing:13px;--siteMenuArrowOffset:0;--userLogoColor:var(--navColor);--tabletOverlayDisplay:none;position:relative;z-index:100;background-color:
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC16384INData Raw: 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 32 30 25 29 7d 2e 4d 6f 62 69 6c 65 4d 65 6e 75 2d 2d 69 73 53 75 62 4d 65 6e 75 41 63 74 69 76 65 20 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 6c 6f 67 6f 2c 2e 4d 6f 62 69 6c 65 4d 65 6e 75 5f 5f 62 61 63 6b 42 75 74 74 6f 6e 7b 6f 70 61 63 69 74 79 3a 30 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 6f 62 69 6c 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 49 6e 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f
                                                                                                                                                                                                                          Data Ascii: -color:transparent}.MobileMenu--isSubMenuActive .MobileMenu__logo{transform:translateX(-120%)}.MobileMenu--isSubMenuActive .MobileMenu__logo,.MobileMenu__backButton{opacity:0;visibility:hidden;transition:var(--siteMobileMenuTransitionIn);pointer-events:no
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 69 6f 6e 2d 70 72 6f 70 65 72 74 79 3a 74 72 61 6e 73 66 6f 72 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 54 72 61 6e 73 69 74 69 6f 6e 29 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 53 69 74 65 48 65 61 64 65 72 2d 2d 64 72 6f 70 64 6f 77 6e 56 69 73 69 62 6c 65 20 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 20 74 72 61 6e 73 6c 61 74 65 58 28 76 61 72 28 2d 2d 73 69 74 65 4d 65 6e 75 41 72 72 6f 77 4f 66 66 73 65 74 29 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 38 39 39 70 78 29 7b 2e 53 69 74 65 48 65 61 64 65 72 41 72 72 6f 77 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e
                                                                                                                                                                                                                          Data Ascii: ion-property:transform;transition-duration:var(--siteMenuTransition);z-index:2}.SiteHeader--dropdownVisible .SiteHeaderArrow{transform:translateY(0) translateX(var(--siteMenuArrowOffset)) rotate(45deg)}@media (max-width:899px){.SiteHeaderArrow{display:non
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 61 64 65 72 2c 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 3d 65 73 2d 75 73 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 37 38 70 78 7d 2e 4d 6b 74 52 6f 6f 74 5b 6c 61 6e 67 2a 3d 6a 61 5d 20 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 7b 2d 2d 74 69 74 6c 65 46 6f 6e 74 53 69 7a 65 3a 36 36 70 78 7d 7d 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 63 61 70 74 69 6f 6e 4d 61 72 67 69 6e 54 6f 70 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 36 30 30 70 78 29 7b 2e 48 6f 6d 65 70 61 67 65 48 65 72 6f 48 65 61 64 65 72 5f 5f 63 61 70 74 69 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68
                                                                                                                                                                                                                          Data Ascii: ader,.MktRoot[lang=es-us] .HomepageHeroHeader{--titleFontSize:78px}.MktRoot[lang*=ja] .HomepageHeroHeader{--titleFontSize:66px}}.HomepageHeroHeader__caption{margin-top:var(--captionMarginTop)}@media (min-width:600px){.HomepageHeroHeader__caption{min-width
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 30 29 7d 2e 46 61 63 65 2e 69 73 2d 70 68 6f 6e 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 7b 6f 70 61 63 69 74 79 3a 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 35 30 30 70 78 29 20 74 72 61 6e 73 6c 61 74 65 59 28 31 32 70 78 29 20 72 6f 74 61 74 65 58 28 30 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 63 65 41 6e 69 6d 61 74 69 6f 6e 44 69 73 61 62 6c 65 64 2c 70 68 6f 6e 65 2d 74 61 70 20 32 2e 37 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 20 2e 34 73 29 7d 2e 46 61 63 65 20 2e 46 61 63 65 5f 5f 70 68 6f 6e 65 43 6c 69 70 2c 2e 46 61 63 65 20 2e 46 61 63
                                                                                                                                                                                                                          Data Ascii: flow:hidden;transform:translateZ(0)}.Face.is-phone .Face__phone{opacity:1;transform:perspective(500px) translateY(12px) rotateX(0deg);animation:var(--faceAnimationDisabled,phone-tap 2.7s ease-in-out forwards infinite .4s)}.Face .Face__phoneClip,.Face .Fac
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 66 36 66 39 66 63 3b 2d 2d 67 72 69 64 53 75 62 63 61 72 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 2d 2d 74 61 62 6c 65 49 63 6f 6e 43 6f 6c 6f 72 3a 23 38 63 39 65 62 31 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 57 68 69 74 65 3a 23 66 66 66 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 4c 69 67 68 74 3a 23 65 33 65 37 65 63 3b 2d 2d 73 74 72 69 70 65 41 63 63 65 6e 74 44 61 72 6b 3a 23 30 61 32 35 34 30 3b 2d 2d 62 75 6c 6c 65 74 43 6f 6c 6f 72 3a 23 63 66 64 37 64 66 3b 2d 2d 66 6f 6f 74 6e 6f 74 65 54 65 78 74 43 6f 6c 6f 72 3a 23 34 64 35 62 37 38 3b 2d 2d 64 69 73 63 6c 61 69 6d 65 72 54 65 78 74 43 6f 6c 6f 72 3a 23 37 30 37 66 39 38 3b 2d 2d 69 6e 6c 69 6e 65 43 6f 64 65 54 65 78 74 43 6f 6c 6f 72 3a 23 32 63 33 61 35 37 3b 2d 2d 69 6e
                                                                                                                                                                                                                          Data Ascii: f6f9fc;--gridSubcardBackground:#fff;--tableIconColor:#8c9eb1;--stripeAccentWhite:#fff;--stripeAccentLight:#e3e7ec;--stripeAccentDark:#0a2540;--bulletColor:#cfd7df;--footnoteTextColor:#4d5b78;--disclaimerTextColor:#707f98;--inlineCodeTextColor:#2c3a57;--in
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 6f 6c 6f 72 3a 23 66 61 62 30 30 30 7d 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 2c 2e 66 6c 61 76 6f 72 2d 2d 53 75 6e 73 65 74 2e 74 68 65 6d 65 2d 2d 44 61 72 6b 20 2e 61 63 63 65 6e 74 2d 2d 59 65 6c 6c 6f 77 7b 2d 2d 61 63 63 65 6e 74 43 6f 6c 6f 72 3a 23 66 66 63 65 34 38 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 2e 66 6c 61 76 6f 72 2d 2d 54 72 6f 70 69 63 61 6c 7b 2d 2d 62 6c 65 6e 64 42 61 63 6b 67 72 6f 75 6e 64 3a 23 38 30 65 39 66 66 3b 2d 2d 62 6c 65 6e 64 49 6e 74 65 72 73 65 63 74 69 6f 6e 3a 23 30 30 34 38 65 35 3b 2d 2d 62 6c 65 6e 64 46 6f 72 65 67 72 6f 75 6e 64 3a 23 37 61 37 33 66 66 3b 2d 2d 67 72 61 64 69 65 6e 74 43 6f 6c 6f 72 5a 65 72 6f
                                                                                                                                                                                                                          Data Ascii: olor:#fab000}.flavor--Sunset.theme--Dark.accent--Yellow,.flavor--Sunset.theme--Dark .accent--Yellow{--accentColor:#ffce48}</style><style>.flavor--Tropical{--blendBackground:#80e9ff;--blendIntersection:#0048e5;--blendForeground:#7a73ff;--gradientColorZero
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 49 6e 76 6f 69 63 69 6e 67 46 65 61 74 75 72 65 47 72 61 70 68 69 63 2d 64 62 39 35 66 36 63 62 66 61 36 33 38 63 63 61 31 35 31 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 64 61 74 61 2d 6a 73 2d 6c 61 7a 79 2d 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 44 65 76 65 6c 6f 70 65 72 73
                                                                                                                                                                                                                          Data Ascii: esheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/InvoicingFeatureGraphic-db95f6cbfa638cca151e.css" media="print" data-js-lazy-style> <link rel="stylesheet" href="https://b.stripecdn.com/mkt-statics-srv/assets/Developers
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC16384INData Raw: 36 47 48 48 37 4e 46 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 50 61 79 6d 65 6e 74 73 41 6e 69 6d 61 74 69 6f 6e 2d 56 43 35 4d 44 35 32 51 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68 22 3a 22 68 74 74 70 73 3a 2f 2f 62 2e 73 74 72 69 70 65 63 64 6e 2e 63 6f 6d 2f 6d 6b 74 2d 73 74 61 74 69 63 73 2d 73 72 76 2f 61 73 73 65 74 73 2f 46 72 6f 6e 74 64 6f 6f 72 49 63 6f 6e 47 72 69 64 2d 53 52 36 44 55 4d 59 43 2e 6a 73 22 7d 2c 7b 22 63 72 69 74 69 63 61 6c 22 3a 66 61 6c 73 65 2c 22 70 61 74 68
                                                                                                                                                                                                                          Data Ascii: 6GHH7NF.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorPaymentsAnimation-VC5MD52Q.js"},{"critical":false,"path":"https://b.stripecdn.com/mkt-statics-srv/assets/FrontdoorIconGrid-SR6DUMYC.js"},{"critical":false,"path


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          287192.168.2.450051104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:56 UTC997OUTGET /get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1041INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:57 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/>; rel="https://api.w.org/"
                                                                                                                                                                                                                          Link: <https://bitsum.com/wp-json/wp/v2/pages/26649>; rel="alternate"; type="application/json"
                                                                                                                                                                                                                          Link: <https://bitsum.com/?p=26649>; rel=shortlink
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBVQ44CLs7Gs3rXQgxIZZXDOSwMGzOvPFoddUoW1iGloJNcjY%2FhzdxBxAoelxZiWi1PaTKrRXoLoJt%2F8tC%2Bxtnk%2BxsyalwYGIjugtNHV5kKgMhwm%2FF%2F1GQ5fGiU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c483385457b2-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC328INData Raw: 37 62 61 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65
                                                                                                                                                                                                                          Data Ascii: 7ba3<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><link rel="profile" href="http://gmpg.org/xfn/11" /><link rel="pingback" href="https://bitsum.com/xmlrpc.php" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 74 73 75 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 47 65 74 20 50 72 6f 63 65 73 73 20 4c 61 73 73 6f 20 50 72 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f
                                                                                                                                                                                                                          Data Ascii: viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="https://bitsum.com/wp-content/uploads/favicon.png" type="image/x-icon" /><title>Get Process Lasso Pro</title><meta name="ro
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 3f 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 29 20 3a 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 50 72 69 76 61 63 79 47 75 61 72 64 46 69 6c 74 65 72 28 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 65 66 61 75 6c 74 4c 6f 63 61 74 69 6f 6e 73 20 29 3b 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 76 61 72 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 4c 6f 63 61 74 69 6f 6e 73 20 3d 20 28 74 79 70 65 6f 66 20 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 45 78 63 6c 75 64 65 51 75 65 72 79 20 3d 3d 3d 20 27 6f 62 6a 65
                                                                                                                                                                                                                          Data Ascii: deQuery === 'object') ? MonsterInsightsPrivacyGuardFilter( MonsterInsightsExcludeQuery ) : MonsterInsightsPrivacyGuardFilter( MonsterInsightsDefaultLocations );} else {var MonsterInsightsLocations = (typeof MonsterInsightsExcludeQuery === 'obje
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 20 3d 20 7b 0a 09 09 09 09 09 68 65 6c 70 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 09 74 72 61 63 6b 65 72 73 3a 20 7b 7d 2c 0a 09 09 09 09 7d 3b 0a 09 09 09 09 69 66 20 28 6d 69 5f 74 72 61 63 6b 5f 75 73 65 72 29 20 7b 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 29 20 7b 0a 09 09 09 09 09 09 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 09 09 09 09 09 7d 0a 0a 09 09 09 09 09 66 75 6e 63 74 69 6f 6e 20 5f 5f 67 74 61 67 54 72 61 63 6b 65 72 28 74 79 70 65 2c 20 6e 61 6d 65 2c 20 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09 09 09 69 66 20 28 21 70 61 72 61 6d 65 74 65 72 73 29 20 7b 0a 09 09 09 09
                                                                                                                                                                                                                          Data Ascii: sterInsightsDualTracker = {helpers: {},trackers: {},};if (mi_track_user) {function __gtagDataLayer() {dataLayer.push(arguments);}function __gtagTracker(type, name, parameters) {if (!parameters) {
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 20 68 74 74 70 73 3a 2f 2f 64 65 76 65 6c 6f 70 65 72 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 6e 61 6c 79 74 69 63 73 2f 64 65 76 67 75 69 64 65 73 2f 63 6f 6c 6c 65 63 74 69 6f 6e 2f 61 6e 61 6c 79 74 69 63 73 6a 73 2f 20 2a 2f 0a 09 09 09 09 09 09 2f 2a 20 67 61 20 61 6e 64 20 5f 5f 67 61 54 72 61 63 6b 65 72 20 63 6f 6d 70 61 74 69 62 69 6c 69 74 79 20 73 68 69 6d 2e 20 2a 2f 0a 09 09 09 09 09 09 76 61 72 20 6e 6f 6f 70 66 6e 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0a 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 76 61 72 20 6e 65 77 74 72 61 63 6b 65 72 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 6e 65 77 20 54 72 61 63 6b 65 72 28 29
                                                                                                                                                                                                                          Data Ascii: https://developers.google.com/analytics/devguides/collection/analyticsjs/ *//* ga and __gaTracker compatibility shim. */var noopfn = function () {return null;};var newtracker = function () {return new Tracker()
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 09 09 09 09 09 27 65 76 65 6e 74 41 63 74 69 6f 6e 27 3a 20 27 70 61 67 65 5f 76 69 65 77 27 2c 0a 09 09 09 09 09 09 09 09 09 09 09 09 27 70 61 67 65 5f 70 61 74 68 27 3a 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 0a 09 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 4f 62 6a 65 63 74 20 3d 20 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 61 72 67 75 6d 65 6e 74 73 5b 35 5d 20 3d 3d 3d 20 27 6f 62 6a 65 63 74 27 29 20 7b 0a 09 09
                                                                                                                                                                                                                          Data Ascii: 'eventAction': 'page_view','page_path': arguments[2],}}}if (typeof arguments[2] === 'object') {hitObject = arguments[2];}if (typeof arguments[5] === 'object') {
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 72 72 65 72 27 2c 0a 09 09 09 09 09 09 09 09 7d 3b 0a 09 09 09 09 09 09 09 09 66 6f 72 20 28 61 72 67 20 69 6e 20 61 72 67 73 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 69 66 20 28 21 28 21 61 72 67 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 20 7c 7c 20 21 67 61 4d 61 70 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 72 67 29 29 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 67 61 4d 61 70 5b 61 72 67 5d 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 09 09 09 09 09 09 68 69 74 5b 61 72 67 5d 20 3d 20 61 72 67 73 5b 61 72 67 5d 3b 0a 09 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20
                                                                                                                                                                                                                          Data Ascii: rrer',};for (arg in args) {if (!(!args.hasOwnProperty(arg) || !gaMap.hasOwnProperty(arg))) {hit[gaMap[arg]] = args[arg];} else {hit[arg] = args[arg];}}return
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 72 6f 70 65 72 74 79 28 6d 61 70 49 6e 64 65 78 29 29 20 7b 0a 09 09 09 09 09 09 69 74 65 6d 5b 66 69 65 6c 64 4d 61 70 5b 6d 61 70 49 6e 64 65 78 5d 5d 20 3d 20 75 61 49 74 65 6d 5b 6d 61 70 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 7d 0a 09 09 09 09 7d 0a 0a 09 09 09 09 66 6f 72 20 28 70 72 65 66 69 78 49 6e 64 65 78 20 3d 20 30 3b 20 70 72 65 66 69 78 49 6e 64 65 78 20 3c 20 74 6f 42 65 50 72 65 66 69 78 65 64 2e 6c 65 6e 67 74 68 3b 20 70 72 65 66 69 78 49 6e 64 65 78 2b 2b 29 20 7b 0a 09 09 09 09 09 70 72 65 66 69 78 4b 65 79 20 3d 20 74 6f 42 65 50 72 65 66 69 78 65 64 5b 70 72 65 66 69 78 49 6e 64 65 78 5d 3b 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 75 61 49 74 65 6d 5b 70 72 65 66 69 78 4b 65 79 5d 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65
                                                                                                                                                                                                                          Data Ascii: roperty(mapIndex)) {item[fieldMap[mapIndex]] = uaItem[mapIndex];}}for (prefixIndex = 0; prefixIndex < toBePrefixed.length; prefixIndex++) {prefixKey = toBePrefixed[prefixIndex];if (typeof uaItem[prefixKey] !== 'undefine
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 74 65 72 73 29 20 7b 0a 09 09 09 09 63 6f 6e 73 74 20 69 74 65 6d 73 20 3d 20 70 61 72 61 6d 65 74 65 72 73 2e 69 74 65 6d 73 2e 6d 61 70 28 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 68 65 6c 70 65 72 73 2e 6d 61 70 50 72 6f 64 75 63 74 49 74 65 6d 29 3b 0a 09 09 09 09 5f 5f 67 74 61 67 44 61 74 61 4c 61 79 65 72 28 27 65 76 65 6e 74 27 2c 20 27 73 65 6c 65 63 74 5f 69 74 65 6d 27 2c 20 7b 69 74 65 6d 73 3a 20 69 74 65 6d 73 2c 20 73 65 6e 64 5f 74 6f 3a 20 70 61 72 61 6d 65 74 65 72 73 2e 73 65 6e 64 5f 74 6f 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 4d 6f 6e 73 74 65 72 49 6e 73 69 67 68 74 73 44 75 61 6c 54 72 61 63 6b 65 72 2e 74 72 61 63 6b 65 72 73 5b 27 76 69 65 77 5f 69 74 65 6d 27 5d 20 3d 20 66 75 6e 63 74
                                                                                                                                                                                                                          Data Ascii: ters) {const items = parameters.items.map(MonsterInsightsDualTracker.helpers.mapProductItem);__gtagDataLayer('event', 'select_item', {items: items, send_to: parameters.send_to});};MonsterInsightsDualTracker.trackers['view_item'] = funct
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1369INData Raw: 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 64 5c 75 32 36 61 37 5c 75 66 65 30 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 33 5c 75 66 65 30 66 5c 75 32 30 30 62 5c 75 32 36 61 37 5c 75 66 65 30 66 22 29 3f 21 31 3a 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30
                                                                                                                                                                                                                          Data Ascii: =r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          288192.168.2.450052216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912490931&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=4&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=2&tfd=7111 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:57 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          289192.168.2.450050104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:57 UTC885OUTGET /?custom-css=c8bee26073 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC828INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Content-Type: text/css;charset=UTF-8
                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Mon, 05 May 2025 12:34:58 GMT
                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Vary: accept,content-type,Accept-Encoding
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61HhSAjlfzlNzMvAQu%2BqkMlnxSMoOwM6t%2Fjn12z%2F9fVHWUaGiwgMF2V1Bd5bcGXf%2FuS3MuZb0JhviwqiqTxPlCVmLjrGsh5E2cFHmQbvQaLOI%2F8sCLEY%2BIJMkwM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c4889ffe0a95-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC541INData Raw: 66 31 38 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 2f 2a 20 64 69 73 61 62 6c 65 20 64 61 72 6b 20 6d 6f 64 65 20 70 65 6e 64 69 6e 67 20 6d 6f 72 65 20 70 72 65 63 69 73 65 20 77 6f 72 6b 20 2a 2f 0a 2f 2a 20 40 69 6d 70 6f 72 74 20 22 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6d 65 6d 69 6e 7a 2f 63 73 73 2f 64 61 72 6b 6d 6f 64 65 2d 63 75 73 74 6f 6d 2e 63 73 73 22 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 3b 0a 2a 2f 0a 0a 23 6e 6f 2d 75 73 65 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f
                                                                                                                                                                                                                          Data Ascii: f18@import url('https://fonts.googleapis.com/css2?family=Roboto&display=swap');/* disable dark mode pending more precise work *//* @import "/wp-content/themes/meminz/css/darkmode-custom.css" (prefers-color-scheme: dark);*/#no-use {margin: 0 auto
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1369INData Raw: 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 66 6f 63 75 73 0a 7b 0a 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 6c 69 20 61 2e 73 65 6c 65 63 74 65 64 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2e 61 63 74 69 76 65 20 61 2c 0a 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20
                                                                                                                                                                                                                          Data Ascii: avbar-default .navbar-nav li a:focus{border: none;}.navbar-default .navbar-nav li a:hover,.navbar-default .navbar-nav li a.selected,.navbar-default .navbar-nav .active a,.navbar-default .navbar-nav .dropdown.active a,.navbar-default .navbar-nav
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1369INData Raw: 65 74 20 23 30 30 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 2e 35 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 32 70 78 3b 0a 09 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 09 2d 6b 68 74 6d 6c 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 20 2e 35 65 6d 3b 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 2e 35 65 6d 3b 0a 7d 0a 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a 61 63 74 69 76 65 2c 0a 61 2e 64 6f 77 6e 6c 6f 61 64 5f 62 75 74 74 6f 6e 3a
                                                                                                                                                                                                                          Data Ascii: et #000;padding: .5em;line-height: 2.5em;font-weight: 700;border-width: 2px;-moz-border-radius: .5em;-webkit-border-radius: .5em;-khtml-border-radius: .5em .5em .5em .5em;border-radius: .5em;}a.download_button:active,a.download_button:
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC592INData Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 30 45 30 45 30 3b 0a 09 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 39 41 39 41 39 41 3b 0a 09 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 09 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 0a 2e 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 2e 77 70 62 5f 74 61 62 73 5f 6e 61 76 20 7b 0a 09 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 68 69 64 64 65 6e 2c 20 2e 65 64 64 5f 73 6c 5f 6e 6f 5f 6d 61 6e 61 67 65 6d 65 6e 74 2c 20 2e 65 64 64 5f 73 6c 5f 73 74 61 74 75 73 5f 6c 61 62 65 6c 2c 20 2e 65 64 64 2d 73 6c 2d 61
                                                                                                                                                                                                                          Data Ascii: ground-color: #E0E0E0;border-color: #9A9A9A;border-width: 1px;border-top-left-radius: 6px;border-top-right-radius: 6px;}.wpb_content_element .wpb_tabs_nav {border-style: none;}.hidden, .edd_sl_no_management, .edd_sl_status_label, .edd-sl-a
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          290192.168.2.450053104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1016OUTPOST /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 136
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                                                                                                                                                                          X-Requested-With: XMLHttpRequest
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912497.26.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC136OUTData Raw: 61 63 74 69 6f 6e 3d 65 64 64 75 68 5f 74 72 61 63 6b 5f 68 69 73 74 6f 72 79 26 70 61 67 65 5f 75 72 6c 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 62 69 74 73 75 6d 2e 63 6f 6d 25 32 46 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 25 32 46 25 33 46 64 69 73 63 6f 75 6e 74 25 33 44 42 49 54 53 55 4d 32 35 4f 46 46 25 32 36 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 25 33 44 31 26 72 65 66 65 72 72 65 72 3d
                                                                                                                                                                                                                          Data Ascii: action=edduh_track_history&page_url=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&referrer=
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 120
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIh8XoKkbA8kzJ78k2JWdCk2SZxKiYMFeif%2F9WAkWT5c8OC71VW2pB8ftJ9XqRT77k%2BA3pdK7ED8pZjmfXYrtnT8RfYbWeFpIZ2WV5HblZ4uUkbEp8eMsjskKAM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c48aefd62021-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC120INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 70 61 67 65 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 62 69 74 73 75 6d 2e 63 6f 6d 5c 2f 67 65 74 2d 6c 61 73 73 6f 2d 70 72 6f 5c 2f 3f 64 69 73 63 6f 75 6e 74 3d 42 49 54 53 55 4d 32 35 4f 46 46 26 23 30 33 38 3b 69 6e 70 72 6f 64 75 63 74 63 6f 75 70 6f 6e 3d 31 22 7d 7d
                                                                                                                                                                                                                          Data Ascii: {"success":true,"data":{"page_url":"https:\/\/bitsum.com\/get-lasso-pro\/?discount=BITSUM25OFF&#038;inproductcoupon=1"}}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          291192.168.2.450055104.26.5.1024434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC925OUTGET /wp-content/uploads/redux/custom-fonts/fonts.css?ver=1714912497 HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: style
                                                                                                                                                                                                                          Referer: https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912491.32.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Content-Type: text/css
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Last-Modified: Fri, 20 Jan 2023 17:33:14 GMT
                                                                                                                                                                                                                          ETag: "1f80ab-0-5f2b571b5b143"
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: MISS
                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSOInM8ICootHZdRNwpYt%2FsfmhJgDzxr3RUiBQlz8oLFLU8yLrhJ8lnr2wXYX8SGfo8nO2NqYA5BuwAf78dEjGpIMMHY51BX4f4KDHwXro09anOQwW0Mg6nU%2B9M%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c48b59d15a57-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                          292192.168.2.450054216.239.38.1814434320C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1235OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912497244&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=1&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=page_view&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1433 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          293192.168.2.450056216.239.38.181443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1240OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912497244&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&are=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pae=1&_eu=AAg&_s=2&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=get_lasso_pro&ep.forceSSL=true&ep.link_attribution=true&_et=3&tfd=1810 HTTP/1.1
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          294192.168.2.450057216.239.38.181443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC1690OUTPOST /g/collect?v=2&tid=G-ZV0D0J286B&gtm=45je4510v890333677za200&_p=1714912497244&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZGIzZG&cid=22835578.1714912397&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=Ag&_s=3&sid=1714912397&sct=1&seg=1&dl=https%3A%2F%2Fbitsum.com%2Fget-lasso-pro%2F%3Fdiscount%3DBITSUM25OFF%26inproductcoupon%3D1&dt=Get%20Process%20Lasso%20Pro&en=view_item_list&_ee=1&pr1=pr4.95~lp1~id322~nmProcess%20Lasso%20Pro~capro%20version~va5&pr2=pr24.95~lp2~id322~nmProcess%20Lasso%20Pro~capro%20version~va4&pr3=pr39.95~lp3~id322~nmProcess%20Lasso%20Pro~capro%20version~va3&pr4=pr5.95~lp4~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va4&pr5=pr36.95~lp5~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va2&pr6=pr64.95~lp6~id853~nmProcess%20Lasso%20Pro%20Entire%20Home~caentire%20home~va3&ep.forceSSL=true&ep.link_attribution=true&_e [TRUNCATED]
                                                                                                                                                                                                                          Host: analytics.google.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://bitsum.com
                                                                                                                                                                                                                          X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC444INHTTP/1.1 204 No Content
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://bitsum.com
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                          Server: Golfe2
                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          295192.168.2.450058192.0.76.3443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC690OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1781&rand=0.6508001778069497 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                          Referer: https://bitsum.com/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:58 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          296192.168.2.450059104.26.5.102443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:58 UTC648OUTGET /wp-admin/admin-ajax.php HTTP/1.1
                                                                                                                                                                                                                          Host: bitsum.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: PHPSESSID=906bgo51dgbvgft8vj85mdcsnr; _ga=GA1.1.22835578.1714912397; edduh_hash=4c798686f90c46ceff63ed3c997fa277; __stripe_mid=daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9; __stripe_sid=ecf4ef75-365c-4793-b0e6-c944798758968a2a65; _ga_ZV0D0J286B=GS1.1.1714912397.1.1.1714912497.26.0.0
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC821INHTTP/1.1 400 Bad Request
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:59 GMT
                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
                                                                                                                                                                                                                          Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate, max-age=0, no-store
                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                          X-Robots-Tag: noindex
                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNpP44gFzqaf682YoQBmiIH2ZlcVv%2BOdW0T1S5TGHT2jrT9ow74JNQpvgq4NsK41VFNJvNNju4BKB%2BcB%2Biyb9HZz5VkqvnHIK2QC%2F%2BXZTno55aIb1CeuuL%2Fgf7w%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                          CF-RAY: 87f0c48f8f266fda-IAD
                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC1INData Raw: 30
                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          297192.168.2.450061192.0.76.3443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC460OUTGET /g.gif?v=ext&blog=94535937&post=26649&tz=-4&srv=bitsum.com&j=1%3A13.3.1&host=bitsum.com&ref=&fcp=1781&rand=0.6508001778069497 HTTP/1.1
                                                                                                                                                                                                                          Host: pixel.wp.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC222INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:59 GMT
                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                          Content-Length: 50
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=86400
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC50INData Raw: 47 49 46 38 39 61 06 00 05 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 06 00 05 00 00 02 09 0c 62 78 89 cd 6a 80 0c 05 00 3b
                                                                                                                                                                                                                          Data Ascii: GIF89a!,bxj;


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          298192.168.2.45006044.229.0.33443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC660OUTPOST /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          Content-Length: 3504
                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Origin: https://m.stripe.network
                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Referer: https://m.stripe.network/
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC3504OUTData Raw: 4a 54 64 43 4a 54 49 79 64 6a 49 6c 4d 6a 49 6c 4d 30 45 78 4a 54 4a 44 4a 54 49 79 61 57 51 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 49 33 4d 47 4d 79 4d 44 6b 35 4d 54 67 7a 59 6a 63 30 5a 6a 6b 32 4e 47 51 35 4f 57 51 79 5a 47 52 6b 5a 6d 4e 6d 4f 54 68 69 59 69 55 79 4d 69 55 79 51 79 55 79 4d 6e 51 6c 4d 6a 49 6c 4d 30 45 30 4d 43 34 79 4a 54 4a 44 4a 54 49 79 64 47 46 6e 4a 54 49 79 4a 54 4e 42 4a 54 49 79 4e 43 34 31 4c 6a 51 7a 4a 54 49 79 4a 54 4a 44 4a 54 49 79 63 33 4a 6a 4a 54 49 79 4a 54 4e 42 4a 54 49 79 61 6e 4d 6c 4d 6a 49 6c 4d 6b 4d 6c 4d 6a 4a 68 4a 54 49 79 4a 54 4e 42 4a 54 64 43 4a 54 49 79 59 53 55 79 4d 69 55 7a 51 53 55 33 51 69 55 79 4d 6e 59 6c 4d 6a 49 6c 4d 30 45 6c 4d 6a 4a 30 63 6e 56 6c 4a 54 49 79 4a 54 4a 44 4a 54 49 79 64 43 55
                                                                                                                                                                                                                          Data Ascii: JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjI3MGMyMDk5MTgzYjc0Zjk2NGQ5OWQyZGRkZmNmOThiYiUyMiUyQyUyMnQlMjIlM0E0MC4yJTJDJTIydGFnJTIyJTNBJTIyNC41LjQzJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCU
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC756INHTTP/1.1 200 OK
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:34:59 GMT
                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          set-cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7;Expires=Tue, 05-May-2026 12:34:59 GMT;Secure;HttpOnly; SameSite=None
                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                          x-stripe-server-envoy-start-time-us: 1714912499585765
                                                                                                                                                                                                                          x-stripe-server-envoy-upstream-service-time-ms: 3
                                                                                                                                                                                                                          x-envoy-attempt-count: 1
                                                                                                                                                                                                                          x-stripe-bg-intended-route-color: blue
                                                                                                                                                                                                                          x-stripe-client-envoy-start-time-us: 1714912499585395
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:34:59 UTC156INData Raw: 7b 22 6d 75 69 64 22 3a 22 64 61 61 33 63 63 35 32 2d 32 38 33 34 2d 34 65 61 31 2d 61 34 36 63 2d 35 37 62 37 36 35 36 63 65 66 62 39 37 39 30 32 65 39 22 2c 22 67 75 69 64 22 3a 22 32 36 39 37 37 36 30 38 2d 65 39 30 32 2d 34 39 63 37 2d 38 39 30 61 2d 38 63 66 35 61 62 30 66 38 66 31 32 35 62 63 30 65 37 22 2c 22 73 69 64 22 3a 22 65 63 66 34 65 66 37 35 2d 33 36 35 63 2d 34 37 39 33 2d 62 30 65 36 2d 63 39 34 34 37 39 38 37 35 38 39 36 38 61 32 61 36 35 22 7d
                                                                                                                                                                                                                          Data Ascii: {"muid":"daa3cc52-2834-4ea1-a46c-57b7656cefb97902e9","guid":"26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7","sid":"ecf4ef75-365c-4793-b0e6-c944798758968a2a65"}


                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                          299192.168.2.45006244.237.131.121443
                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                          2024-05-05 12:35:00 UTC433OUTGET /6 HTTP/1.1
                                                                                                                                                                                                                          Host: m.stripe.com
                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                          Cookie: m=26977608-e902-49c7-890a-8cf5ab0f8f125bc0e7; cid=20e0c4be-3e0c-4f7a-a701-c7c9489586b9
                                                                                                                                                                                                                          2024-05-05 12:35:00 UTC439INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                          Date: Sun, 05 May 2024 12:35:00 GMT
                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                          Content-Length: 138
                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                          Location: https://stripe.com
                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://m.stripe.network
                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                          Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
                                                                                                                                                                                                                          Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                          2024-05-05 12:35:00 UTC138INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                          Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                          Start time:14:32:49
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe"
                                                                                                                                                                                                                          Imagebase:0x450000
                                                                                                                                                                                                                          File size:2'995'928 bytes
                                                                                                                                                                                                                          MD5 hash:99F74D2572735BBACB8251A73E9CB312
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:1
                                                                                                                                                                                                                          Start time:14:32:54
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\PostUpdate.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\PostUpdate.exe"
                                                                                                                                                                                                                          Imagebase:0x7ff647270000
                                                                                                                                                                                                                          File size:683'408 bytes
                                                                                                                                                                                                                          MD5 hash:2D51866F9D1AA7FA9619EE68068D89F2
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                          • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                                                          Start time:14:32:55
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\bitsumsessionagent.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
                                                                                                                                                                                                                          Imagebase:0x7ff7e99d0000
                                                                                                                                                                                                                          File size:185'752 bytes
                                                                                                                                                                                                                          MD5 hash:BACDA076E8252AFF54E3F66333FACEA6
                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                          • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                                          Start time:14:32:57
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\bitsumsessionagent.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:C:\Users\user\Desktop\bitsumsessionagent.exe ----------------------------------------------------------------
                                                                                                                                                                                                                          Imagebase:0x7ff7e99d0000
                                                                                                                                                                                                                          File size:185'752 bytes
                                                                                                                                                                                                                          MD5 hash:BACDA076E8252AFF54E3F66333FACEA6
                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                                                          Start time:14:32:57
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\ProcessLasso.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:/postupdate
                                                                                                                                                                                                                          Imagebase:0x7ff7e6bf0000
                                                                                                                                                                                                                          File size:1'879'960 bytes
                                                                                                                                                                                                                          MD5 hash:2A90A0E4D3294488FB6F81326306B55D
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                          • Detection: 0%, Virustotal, Browse
                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                                                          Start time:14:33:09
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:8
                                                                                                                                                                                                                          Start time:14:33:10
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2008,i,15519515346526546949,12768663373264760233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:9
                                                                                                                                                                                                                          Start time:14:33:17
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                                          Start time:14:33:17
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1984,i,5106367926550211044,9373728312157229491,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:13
                                                                                                                                                                                                                          Start time:14:33:27
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:14
                                                                                                                                                                                                                          Start time:14:33:27
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 --field-trial-handle=1996,i,7114810720293782166,12932913640708286940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:15
                                                                                                                                                                                                                          Start time:14:33:33
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:16
                                                                                                                                                                                                                          Start time:14:33:36
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1984,i,2617033844371038707,2385638837885236536,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                                          Start time:14:33:41
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                                          Start time:14:33:44
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1948,i,16641894259137025231,17552674618342249670,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                                          Start time:14:33:51
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:21
                                                                                                                                                                                                                          Start time:14:33:51
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1984,i,18071265613074346824,7565659784721279921,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                          Start time:14:33:58
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                                          Start time:14:33:59
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1952,i,13378929248748638004,16609101256085625740,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                                          Start time:14:34:05
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                          Start time:14:34:06
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1976,i,556397286523747728,13715138569827133155,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                                          Start time:14:34:12
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:27
                                                                                                                                                                                                                          Start time:14:34:12
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1992,i,3103486031131948529,12771731290429994548,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:29
                                                                                                                                                                                                                          Start time:14:34:20
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:30
                                                                                                                                                                                                                          Start time:14:34:20
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=2000,i,4281038644087026732,4404549652330960055,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:31
                                                                                                                                                                                                                          Start time:14:34:27
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                                          Start time:14:34:28
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1984,i,16754105667391397097,1628277584012059700,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:33
                                                                                                                                                                                                                          Start time:14:34:34
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:34
                                                                                                                                                                                                                          Start time:14:34:34
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1988,i,13307509518589281415,1496618762875588576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                                          Start time:14:34:40
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                                          Start time:14:34:41
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1984,i,10167203328593902513,15389311701757241189,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                                          Start time:14:34:47
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                                          Start time:14:34:49
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1724,i,14353911626792566164,9578348925622307936,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                                          Start time:14:34:55
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bitsum.com/get-lasso-pro/?discount=BITSUM25OFF&inproductcoupon=1
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          General

                                                                                                                                                                                                                          Target ID:40
                                                                                                                                                                                                                          Start time:14:34:56
                                                                                                                                                                                                                          Start date:05/05/2024
                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1988,i,7229309035351989711,14618348612749984897,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                          Imagebase:0x7ff76e190000
                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                            Execution Coverage:9.7%
                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                            Signature Coverage:9.9%
                                                                                                                                                                                                                            Total number of Nodes:1583
                                                                                                                                                                                                                            Total number of Limit Nodes:34
                                                                                                                                                                                                                            execution_graph 26074 470747 29 API calls _abort 26027 46a540 CompareStringW ShowWindow SetWindowTextW GlobalAlloc WideCharToMultiByte 26028 470540 46 API calls __RTC_Initialize 25999 45a850 80 API calls Concurrency::cancel_current_task 26000 46b450 GdipCloneImage GdipAlloc 26075 46e750 70 API calls 26030 471550 51 API calls 2 library calls 26057 47c65d 6 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25119 46fd58 25120 46fd62 25119->25120 25123 46f9e9 25120->25123 25149 46f747 25123->25149 25125 46f9f9 25126 46fa56 25125->25126 25137 46fa7a 25125->25137 25127 46f987 DloadReleaseSectionWriteAccess 6 API calls 25126->25127 25128 46fa61 RaiseException 25127->25128 25129 46fc4f 25128->25129 25130 46faf2 LoadLibraryExA 25131 46fb05 GetLastError 25130->25131 25132 46fb53 25130->25132 25133 46fb2e 25131->25133 25134 46fb18 25131->25134 25135 46fb65 25132->25135 25138 46fb5e FreeLibrary 25132->25138 25139 46f987 DloadReleaseSectionWriteAccess 6 API calls 25133->25139 25134->25132 25134->25133 25136 46fbc3 GetProcAddress 25135->25136 25145 46fc21 25135->25145 25140 46fbd3 GetLastError 25136->25140 25136->25145 25137->25130 25137->25132 25137->25135 25137->25145 25138->25135 25143 46fb39 RaiseException 25139->25143 25141 46fbe6 25140->25141 25144 46f987 DloadReleaseSectionWriteAccess 6 API calls 25141->25144 25141->25145 25143->25129 25146 46fc07 RaiseException 25144->25146 25158 46f987 25145->25158 25147 46f747 ___delayLoadHelper2@8 6 API calls 25146->25147 25148 46fc1e 25147->25148 25148->25145 25150 46f753 25149->25150 25151 46f779 25149->25151 25166 46f7f0 25150->25166 25151->25125 25153 46f758 25154 46f774 25153->25154 25169 46f919 25153->25169 25174 46f77a GetModuleHandleW GetProcAddress GetProcAddress 25154->25174 25157 46f9c2 25157->25125 25159 46f9bb 25158->25159 25160 46f999 25158->25160 25159->25129 25161 46f7f0 DloadReleaseSectionWriteAccess 3 API calls 25160->25161 25162 46f99e 25161->25162 25163 46f9b6 25162->25163 25164 46f919 DloadProtectSection 3 API calls 25162->25164 25177 46f9bd GetModuleHandleW GetProcAddress GetProcAddress DloadReleaseSectionWriteAccess 25163->25177 25164->25163 25175 46f77a GetModuleHandleW GetProcAddress GetProcAddress 25166->25175 25168 46f7f5 25168->25153 25172 46f92e DloadProtectSection 25169->25172 25170 46f934 25170->25154 25171 46f969 VirtualProtect 25171->25170 25172->25170 25172->25171 25176 46f82f VirtualQuery GetSystemInfo 25172->25176 25174->25157 25175->25168 25176->25171 25177->25159 26001 46c460 99 API calls 26059 47b660 71 API calls _free 26060 46fe61 48 API calls _unexpected 26061 481a60 IsProcessorFeaturePresent 25184 451075 25185 4604e5 41 API calls 25184->25185 25186 45107a 25185->25186 25189 470372 29 API calls 25186->25189 25188 451084 25189->25188 26035 452570 96 API calls 25339 46f002 25340 46f00f 25339->25340 25341 45f937 53 API calls 25340->25341 25342 46f01c 25341->25342 25343 454a20 _swprintf 51 API calls 25342->25343 25344 46f031 SetDlgItemTextW 25343->25344 25345 46c758 5 API calls 25344->25345 25346 46f04e 25345->25346 26004 451800 86 API calls Concurrency::cancel_current_task 26062 470600 27 API calls 26037 483100 CloseHandle 26078 462f0b GetCPInfo IsDBCSLeadByte 25352 45b20a 25353 45b21f 25352->25353 25354 45b218 25352->25354 25355 45b22c GetStdHandle 25353->25355 25362 45b23b 25353->25362 25355->25362 25356 45b293 WriteFile 25356->25362 25357 45b264 WriteFile 25358 45b25f 25357->25358 25357->25362 25358->25357 25358->25362 25360 45b325 25364 457951 77 API calls 25360->25364 25362->25354 25362->25356 25362->25357 25362->25358 25362->25360 25363 45765a 78 API calls 25362->25363 25363->25362 25364->25354 26079 46c316 GetDlgItem EnableWindow ShowWindow SendMessageW 25367 470612 25368 47061e __FrameHandler3::FrameUnwindToState 25367->25368 25399 4701ac 25368->25399 25370 470625 25371 470778 25370->25371 25374 47064f 25370->25374 25476 470a0a IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter _abort 25371->25476 25373 47077f 25469 47931a 25373->25469 25383 47068e ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock 25374->25383 25410 479ebd 25374->25410 25381 47066e 25389 4706ef 25383->25389 25472 478e0c 38 API calls _abort 25383->25472 25385 4706f5 25419 479e0e 51 API calls 25385->25419 25388 4706fd 25420 46f05c 25388->25420 25418 470b25 GetStartupInfoW _abort 25389->25418 25393 470711 25393->25373 25394 470715 25393->25394 25395 47071e 25394->25395 25474 4792bd 28 API calls _abort 25394->25474 25475 47031d 12 API calls ___scrt_uninitialize_crt 25395->25475 25398 470726 25398->25381 25400 4701b5 25399->25400 25478 470826 IsProcessorFeaturePresent 25400->25478 25402 4701c1 25479 473bee 25402->25479 25404 4701c6 25405 4701ca 25404->25405 25487 479d47 25404->25487 25405->25370 25408 4701e1 25408->25370 25413 479ed4 25410->25413 25411 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25412 470668 25411->25412 25412->25381 25414 479e61 25412->25414 25413->25411 25417 479e90 25414->25417 25415 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25416 479eb9 25415->25416 25416->25383 25417->25415 25418->25385 25419->25388 25585 461b83 25420->25585 25424 46f07c 25634 46bd1b 25424->25634 25426 46f085 _abort 25427 46f098 GetCommandLineW 25426->25427 25428 46f13c GetModuleFileNameW SetEnvironmentVariableW GetLocalTime 25427->25428 25429 46f0ab 25427->25429 25431 454a20 _swprintf 51 API calls 25428->25431 25638 46d708 25429->25638 25433 46f1a3 SetEnvironmentVariableW GetModuleHandleW LoadIconW 25431->25433 25649 46c8cd LoadBitmapW 25433->25649 25434 46f136 25643 46ed2e 25434->25643 25435 46f0b9 OpenFileMappingW 25438 46f0d1 MapViewOfFile 25435->25438 25439 46f12d CloseHandle 25435->25439 25441 46f126 UnmapViewOfFile 25438->25441 25442 46f0e2 __InternalCxxFrameHandler 25438->25442 25439->25428 25441->25439 25446 46ed2e 2 API calls 25442->25446 25448 46f0fe 25446->25448 25679 46069c 82 API calls 25448->25679 25449 46a0d7 27 API calls 25451 46f203 DialogBoxParamW 25449->25451 25455 46f23d 25451->25455 25452 46f112 25680 460752 82 API calls _wcslen 25452->25680 25454 46f11d 25454->25441 25456 46f256 25455->25456 25457 46f24f Sleep 25455->25457 25459 46f264 25456->25459 25681 46bfb3 CompareStringW SetCurrentDirectoryW _abort _wcslen 25456->25681 25457->25456 25460 46f283 DeleteObject 25459->25460 25461 46f29f 25460->25461 25462 46f298 DeleteObject 25460->25462 25463 46f2e2 25461->25463 25464 46f2d0 25461->25464 25462->25461 25676 46bd81 25463->25676 25682 46ed8b 6 API calls 25464->25682 25466 46f2d6 CloseHandle 25466->25463 25468 46f31c 25473 470b5b GetModuleHandleW 25468->25473 25812 479097 25469->25812 25472->25389 25473->25393 25474->25395 25475->25398 25476->25373 25478->25402 25491 474c97 25479->25491 25483 473bff 25484 473c0a 25483->25484 25505 474cd3 DeleteCriticalSection 25483->25505 25484->25404 25486 473bf7 25486->25404 25532 47d21a 25487->25532 25490 473c0d 7 API calls 2 library calls 25490->25405 25492 474ca0 25491->25492 25494 474cc9 25492->25494 25496 473bf3 25492->25496 25506 474edc 25492->25506 25511 474cd3 DeleteCriticalSection 25494->25511 25496->25486 25497 473d1c 25496->25497 25525 474ded 25497->25525 25500 473d31 25500->25483 25502 473d3f 25503 473d4c 25502->25503 25531 473d4f 6 API calls ___vcrt_FlsFree 25502->25531 25503->25483 25505->25486 25512 474d02 25506->25512 25509 474f14 InitializeCriticalSectionAndSpinCount 25510 474eff 25509->25510 25510->25492 25511->25496 25513 474d23 25512->25513 25514 474d1f 25512->25514 25513->25514 25515 474d8b GetProcAddress 25513->25515 25518 474d7c 25513->25518 25520 474da2 LoadLibraryExW 25513->25520 25514->25509 25514->25510 25515->25514 25517 474d99 25515->25517 25517->25514 25518->25515 25519 474d84 FreeLibrary 25518->25519 25519->25515 25521 474de9 25520->25521 25522 474db9 GetLastError 25520->25522 25521->25513 25522->25521 25523 474dc4 ___vcrt_FlsSetValue 25522->25523 25523->25521 25524 474dda LoadLibraryExW 25523->25524 25524->25513 25526 474d02 ___vcrt_FlsSetValue 5 API calls 25525->25526 25527 474e07 25526->25527 25528 474e20 TlsAlloc 25527->25528 25529 473d26 25527->25529 25529->25500 25530 474e9e 6 API calls ___vcrt_FlsSetValue 25529->25530 25530->25502 25531->25500 25533 47d237 25532->25533 25535 47d233 25532->25535 25533->25535 25538 47b860 25533->25538 25534 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25536 4701d3 25534->25536 25535->25534 25536->25408 25536->25490 25539 47b86c __FrameHandler3::FrameUnwindToState 25538->25539 25550 47bdf1 EnterCriticalSection 25539->25550 25541 47b873 25551 47d6e8 25541->25551 25543 47b882 25544 47b891 25543->25544 25564 47b6e9 29 API calls 25543->25564 25566 47b8ad LeaveCriticalSection _abort 25544->25566 25547 47b88c 25565 47b79f GetStdHandle GetFileType 25547->25565 25548 47b8a2 _abort 25548->25533 25550->25541 25552 47d6f4 __FrameHandler3::FrameUnwindToState 25551->25552 25553 47d701 25552->25553 25554 47d718 25552->25554 25575 47a7eb 20 API calls _free 25553->25575 25567 47bdf1 EnterCriticalSection 25554->25567 25557 47d706 25576 4751b9 26 API calls _abort 25557->25576 25560 47d710 _abort 25560->25543 25562 47d724 25563 47d750 25562->25563 25568 47d639 25562->25568 25577 47d777 LeaveCriticalSection _abort 25563->25577 25564->25547 25565->25544 25566->25548 25567->25562 25569 47c2f6 _abort 20 API calls 25568->25569 25570 47d64b 25569->25570 25574 47d658 25570->25574 25578 47c0ca 25570->25578 25571 47a66a _free 20 API calls 25572 47d6aa 25571->25572 25572->25562 25574->25571 25575->25557 25576->25560 25577->25560 25579 47be58 _abort 5 API calls 25578->25579 25580 47c0f1 25579->25580 25581 47c10f InitializeCriticalSectionAndSpinCount 25580->25581 25584 47c0fa 25580->25584 25581->25584 25582 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25583 47c126 25582->25583 25583->25570 25584->25582 25586 46ffd0 25585->25586 25587 461b8d GetModuleHandleW 25586->25587 25588 461c07 25587->25588 25589 461ba8 GetProcAddress 25587->25589 25590 461f34 GetModuleFileNameW 25588->25590 25692 4789ee 42 API calls 2 library calls 25588->25692 25591 461bc1 25589->25591 25592 461bd9 GetProcAddress 25589->25592 25601 461f52 25590->25601 25591->25592 25593 461beb 25592->25593 25593->25588 25595 461e74 25595->25590 25596 461e7f GetModuleFileNameW CreateFileW 25595->25596 25597 461eaf SetFilePointer 25596->25597 25598 461f28 CloseHandle 25596->25598 25597->25598 25599 461ebd ReadFile 25597->25599 25598->25590 25599->25598 25602 461edb 25599->25602 25604 461fb4 GetFileAttributesW 25601->25604 25606 461f7d CompareStringW 25601->25606 25607 461fcc 25601->25607 25683 45c619 25601->25683 25686 461b3b 25601->25686 25602->25598 25605 461b3b 2 API calls 25602->25605 25604->25601 25604->25607 25605->25602 25606->25601 25608 461fd7 25607->25608 25610 46200c 25607->25610 25611 461ff0 GetFileAttributesW 25608->25611 25613 462008 25608->25613 25609 46211b 25633 46b65d GetCurrentDirectoryW 25609->25633 25610->25609 25612 45c619 GetVersionExW 25610->25612 25611->25608 25611->25613 25614 462026 25612->25614 25613->25610 25615 462093 25614->25615 25616 46202d 25614->25616 25617 454a20 _swprintf 51 API calls 25615->25617 25618 461b3b 2 API calls 25616->25618 25619 4620bb AllocConsole 25617->25619 25620 462037 25618->25620 25621 462113 ExitProcess 25619->25621 25622 4620c8 GetCurrentProcessId AttachConsole 25619->25622 25623 461b3b 2 API calls 25620->25623 25693 474fa3 25622->25693 25625 462041 25623->25625 25627 45f937 53 API calls 25625->25627 25626 4620e9 GetStdHandle WriteConsoleW Sleep FreeConsole 25626->25621 25628 46205c 25627->25628 25629 454a20 _swprintf 51 API calls 25628->25629 25630 46206f 25629->25630 25631 45f937 53 API calls 25630->25631 25632 46207e 25631->25632 25632->25621 25633->25424 25635 461b3b 2 API calls 25634->25635 25636 46bd2f OleInitialize 25635->25636 25637 46bd52 GdiplusStartup SHGetMalloc 25636->25637 25637->25426 25642 46d712 25638->25642 25639 46d828 25639->25434 25639->25435 25640 463307 CharUpperW 25640->25642 25642->25639 25642->25640 25695 460752 82 API calls _wcslen 25642->25695 25644 46ffd0 25643->25644 25645 46ed3b SetEnvironmentVariableW 25644->25645 25646 46ed5e 25645->25646 25647 46ed86 25646->25647 25648 46ed7a SetEnvironmentVariableW 25646->25648 25647->25428 25648->25647 25650 46c8ee 25649->25650 25651 46c8fb GetObjectW 25649->25651 25696 46b6d2 FindResourceW 25650->25696 25656 46c90a 25651->25656 25653 46b5d6 4 API calls 25655 46c91d 25653->25655 25657 46c960 25655->25657 25658 46c93c 25655->25658 25659 46b6d2 12 API calls 25655->25659 25656->25653 25668 45ed62 25657->25668 25710 46b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25658->25710 25661 46c92d 25659->25661 25661->25658 25663 46c933 DeleteObject 25661->25663 25662 46c944 25711 46b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25662->25711 25663->25658 25665 46c94d 25712 46b81c 8 API calls 25665->25712 25667 46c954 DeleteObject 25667->25657 25721 45ed87 25668->25721 25673 46a0d7 25674 46febe 27 API calls 25673->25674 25675 46a0f6 25674->25675 25675->25449 25677 46bdb0 GdiplusShutdown OleUninitialize 25676->25677 25677->25468 25679->25452 25680->25454 25681->25459 25682->25466 25684 45c62d GetVersionExW 25683->25684 25685 45c669 25683->25685 25684->25685 25685->25601 25687 46ffd0 25686->25687 25688 461b48 GetSystemDirectoryW 25687->25688 25689 461b60 25688->25689 25690 461b7e 25688->25690 25691 461b71 LoadLibraryW 25689->25691 25690->25601 25691->25690 25692->25595 25694 474fab 25693->25694 25694->25626 25694->25694 25695->25642 25697 46b6f5 SizeofResource 25696->25697 25698 46b7e3 25696->25698 25697->25698 25699 46b70c LoadResource 25697->25699 25698->25651 25698->25656 25699->25698 25700 46b721 LockResource 25699->25700 25700->25698 25701 46b732 GlobalAlloc 25700->25701 25701->25698 25702 46b74d GlobalLock 25701->25702 25703 46b7dc GlobalFree 25702->25703 25704 46b75c __InternalCxxFrameHandler 25702->25704 25703->25698 25705 46b7d5 GlobalUnlock 25704->25705 25713 46b636 GdipAlloc 25704->25713 25705->25703 25708 46b7c0 25708->25705 25709 46b7aa GdipCreateHBITMAPFromBitmap 25709->25708 25710->25662 25711->25665 25712->25667 25714 46b655 25713->25714 25715 46b648 25713->25715 25714->25705 25714->25708 25714->25709 25717 46b3c8 25715->25717 25718 46b3f0 GdipCreateBitmapFromStream 25717->25718 25719 46b3e9 GdipCreateBitmapFromStreamICM 25717->25719 25720 46b3f5 25718->25720 25719->25720 25720->25714 25722 45ed95 __EH_prolog 25721->25722 25723 45edc4 GetModuleFileNameW 25722->25723 25724 45edf5 25722->25724 25725 45edde 25723->25725 25767 45ab40 25724->25767 25725->25724 25727 45ee51 25778 477730 25727->25778 25728 45a801 80 API calls 25729 45ed6e 25728->25729 25765 45f5be GetModuleHandleW FindResourceW 25729->25765 25731 45f581 78 API calls 25733 45ee25 25731->25733 25732 45ee64 25734 477730 26 API calls 25732->25734 25733->25727 25733->25731 25745 45f06a 25733->25745 25742 45ee76 ___vcrt_FlsSetValue 25734->25742 25735 45efa5 25735->25745 25798 45b000 81 API calls 25735->25798 25737 45b110 79 API calls 25737->25742 25739 45efbf ___std_exception_copy 25740 45ae60 82 API calls 25739->25740 25739->25745 25743 45efe8 ___std_exception_copy 25740->25743 25742->25735 25742->25737 25742->25745 25792 45ae60 25742->25792 25797 45b000 81 API calls 25742->25797 25743->25745 25762 45eff3 ___vcrt_FlsSetValue _wcslen ___std_exception_copy 25743->25762 25799 462ed2 MultiByteToWideChar 25743->25799 25745->25728 25746 45f479 25751 45f4fe 25746->25751 25805 47a09e 26 API calls 2 library calls 25746->25805 25748 45f48e 25806 478a18 26 API calls 2 library calls 25748->25806 25750 45f534 25754 477730 26 API calls 25750->25754 25751->25750 25757 45f581 78 API calls 25751->25757 25753 45f4e6 25807 45f59c 78 API calls 25753->25807 25756 45f54d 25754->25756 25758 477730 26 API calls 25756->25758 25757->25751 25758->25745 25760 4630f5 WideCharToMultiByte 25760->25762 25762->25745 25762->25746 25762->25760 25800 45f8d1 50 API calls __vsnprintf 25762->25800 25801 477571 26 API calls 3 library calls 25762->25801 25802 47a09e 26 API calls 2 library calls 25762->25802 25803 478a18 26 API calls 2 library calls 25762->25803 25804 45f59c 78 API calls 25762->25804 25766 45ed75 25765->25766 25766->25673 25768 45ab4a 25767->25768 25769 45abab CreateFileW 25768->25769 25770 45abcc GetLastError 25769->25770 25773 45ac1b 25769->25773 25771 45cf32 GetCurrentDirectoryW 25770->25771 25772 45abec 25771->25772 25772->25773 25775 45abf0 CreateFileW GetLastError 25772->25775 25774 45ac5f 25773->25774 25776 45ac45 SetFileTime 25773->25776 25774->25733 25775->25773 25777 45ac15 25775->25777 25776->25774 25777->25773 25779 477769 25778->25779 25780 47776d 25779->25780 25791 477795 25779->25791 25808 47a7eb 20 API calls _free 25780->25808 25782 477772 25809 4751b9 26 API calls _abort 25782->25809 25783 477ab9 25785 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25783->25785 25787 477ac6 25785->25787 25786 47777d 25788 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25786->25788 25787->25732 25790 477789 25788->25790 25790->25732 25791->25783 25810 477650 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25791->25810 25793 45ae6c 25792->25793 25795 45ae73 25792->25795 25793->25742 25795->25793 25796 45a9e5 GetStdHandle ReadFile GetLastError GetLastError GetFileType 25795->25796 25811 4577bd 77 API calls 25795->25811 25796->25795 25797->25742 25798->25739 25799->25762 25800->25762 25801->25762 25802->25762 25803->25762 25804->25762 25805->25748 25806->25753 25807->25751 25808->25782 25809->25786 25810->25791 25811->25795 25813 4790a3 _abort 25812->25813 25814 4790bc 25813->25814 25815 4790aa 25813->25815 25836 47bdf1 EnterCriticalSection 25814->25836 25848 4791f1 GetModuleHandleW 25815->25848 25818 4790af 25818->25814 25849 479235 GetModuleHandleExW 25818->25849 25819 479161 25837 4791a1 25819->25837 25823 4790c3 25823->25819 25825 479138 25823->25825 25857 479bb0 20 API calls _abort 25823->25857 25826 479150 25825->25826 25831 479e61 _abort 5 API calls 25825->25831 25832 479e61 _abort 5 API calls 25826->25832 25827 47917e 25840 4791b0 25827->25840 25828 4791aa 25858 483550 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 25828->25858 25831->25826 25832->25819 25836->25823 25859 47be41 LeaveCriticalSection 25837->25859 25839 47917a 25839->25827 25839->25828 25860 47c236 25840->25860 25843 4791de 25846 479235 _abort 8 API calls 25843->25846 25844 4791be GetPEB 25844->25843 25845 4791ce GetCurrentProcess TerminateProcess 25844->25845 25845->25843 25847 4791e6 ExitProcess 25846->25847 25848->25818 25850 479282 25849->25850 25851 47925f GetProcAddress 25849->25851 25852 479291 25850->25852 25853 479288 FreeLibrary 25850->25853 25854 479274 25851->25854 25855 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25852->25855 25853->25852 25854->25850 25856 4790bb 25855->25856 25856->25814 25857->25825 25859->25839 25861 47c25b 25860->25861 25863 47c251 25860->25863 25862 47be58 _abort 5 API calls 25861->25862 25862->25863 25864 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25863->25864 25865 4791ba 25864->25865 25865->25843 25865->25844 25866 47d211 31 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 26006 46b410 GdipDisposeImage GdipFree 26007 451025 29 API calls 26039 456920 41 API calls __EH_prolog 26008 46d420 91 API calls _swprintf 25937 47a620 25945 47bf6f 25937->25945 25940 47a634 25942 47a63c 25943 47a649 25942->25943 25953 47a650 11 API calls 25942->25953 25946 47be58 _abort 5 API calls 25945->25946 25947 47bf96 25946->25947 25948 47bfae TlsAlloc 25947->25948 25949 47bf9f 25947->25949 25948->25949 25950 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25949->25950 25951 47a62a 25950->25951 25951->25940 25952 47a599 20 API calls 2 library calls 25951->25952 25952->25942 25953->25940 26009 46742e 137 API calls __InternalCxxFrameHandler 25955 45ca2e 25956 45ca40 _abort 25955->25956 25959 4623fb 25956->25959 25962 4623bd GetCurrentProcess GetProcessAffinityMask 25959->25962 25963 45ca97 25962->25963 25965 46f32b 14 API calls ___delayLoadHelper2@8 26064 47962a 55 API calls _free 26010 452037 142 API calls __EH_prolog 26040 460534 FreeLibrary 26083 470733 20 API calls 26011 452430 26 API calls std::bad_exception::bad_exception 25974 46f431 25975 46f335 25974->25975 25976 46f9e9 ___delayLoadHelper2@8 14 API calls 25975->25976 25976->25975 26084 479330 52 API calls 2 library calls 25984 45213d 25985 452150 25984->25985 25986 452148 25984->25986 25987 45214e 25985->25987 25989 46febe 27 API calls 25985->25989 25990 452162 27 API calls Concurrency::cancel_current_task 25986->25990 25989->25987 25990->25987 26012 47b8c0 21 API calls 26013 479cc0 7 API calls ___scrt_uninitialize_crt 26042 483dc0 VariantClear 26086 4803c0 51 API calls 26087 46d8d8 102 API calls 4 library calls 23968 45acd4 23971 45acde 23968->23971 23969 45ae2c SetFilePointer 23970 45ae49 GetLastError 23969->23970 23973 45acf4 23969->23973 23970->23973 23971->23969 23972 45ae05 23971->23972 23971->23973 23975 45aa7a 23971->23975 23972->23969 23976 45aa93 23975->23976 23979 45b110 23976->23979 23980 45b122 23979->23980 23984 45b135 23979->23984 23983 45aac5 23980->23983 23988 457800 77 API calls 23980->23988 23982 45b148 SetFilePointer 23982->23983 23985 45b164 GetLastError 23982->23985 23983->23972 23984->23982 23984->23983 23985->23983 23986 45b16e 23985->23986 23986->23983 23989 457800 77 API calls 23986->23989 23988->23984 23989->23983 23992 46c9d0 23993 46c9da __EH_prolog 23992->23993 24163 4512f6 23993->24163 23996 46ca1a 24000 46ca8b 23996->24000 24001 46ca28 23996->24001 24076 46ca31 23996->24076 23997 46d10b 24252 46e7ee 23997->24252 24004 46cb1e GetDlgItemTextW 24000->24004 24010 46caa1 24000->24010 24005 46ca2c 24001->24005 24006 46ca68 24001->24006 24002 46d126 SendMessageW 24003 46d134 24002->24003 24008 46d14e GetDlgItem SendMessageW 24003->24008 24009 46d13d SendDlgItemMessageW 24003->24009 24004->24006 24007 46cb5b 24004->24007 24011 45f937 53 API calls 24005->24011 24005->24076 24013 46cb4f EndDialog 24006->24013 24006->24076 24014 46cb70 GetDlgItem 24007->24014 24161 46cb64 24007->24161 24270 46b65d GetCurrentDirectoryW 24008->24270 24009->24008 24015 45f937 53 API calls 24010->24015 24016 46ca4b 24011->24016 24013->24076 24018 46cba7 SetFocus 24014->24018 24019 46cb84 SendMessageW SendMessageW 24014->24019 24020 46cabe SetDlgItemTextW 24015->24020 24292 45122f SHGetMalloc 24016->24292 24017 46d17e GetDlgItem 24022 46d1a1 SetWindowTextW 24017->24022 24023 46d19b 24017->24023 24024 46cbb7 24018->24024 24033 46cbc3 24018->24033 24019->24018 24025 46cac9 24020->24025 24271 46bbc0 GetClassNameW 24022->24271 24023->24022 24028 45f937 53 API calls 24024->24028 24031 46cad6 GetMessageW 24025->24031 24025->24076 24026 46d051 24029 45f937 53 API calls 24026->24029 24032 46cbc1 24028->24032 24035 46d061 SetDlgItemTextW 24029->24035 24037 46caed IsDialogMessageW 24031->24037 24031->24076 24173 46e619 24032->24173 24042 45f937 53 API calls 24033->24042 24034 46d3f8 SetDlgItemTextW 24034->24076 24040 46d075 24035->24040 24037->24025 24038 46cafc TranslateMessage DispatchMessageW 24037->24038 24038->24025 24044 45f937 53 API calls 24040->24044 24046 46cbfa 24042->24046 24043 46cc1d 24050 46cc51 24043->24050 24293 45b4c1 24043->24293 24080 46d098 _wcslen 24044->24080 24045 46d1ec 24048 46d21c 24045->24048 24053 45f937 53 API calls 24045->24053 24049 454a20 _swprintf 51 API calls 24046->24049 24047 46d884 97 API calls 24047->24045 24058 46d884 97 API calls 24048->24058 24101 46d2d4 24048->24101 24049->24032 24183 45b341 24050->24183 24057 46d1ff SetDlgItemTextW 24053->24057 24054 46d387 24060 46d390 EnableWindow 24054->24060 24061 46d399 24054->24061 24065 45f937 53 API calls 24057->24065 24066 46d237 24058->24066 24059 46cc4b 24296 46beff CreateDirectoryW LocalFree GetCurrentProcess GetLastError 24059->24296 24060->24061 24068 46d3b6 24061->24068 24305 4512b3 GetDlgItem EnableWindow 24061->24305 24062 46d0e9 24071 45f937 53 API calls 24062->24071 24063 46cc75 24189 46bc19 SetCurrentDirectoryW 24063->24189 24064 46cc6a GetLastError 24064->24063 24069 46d213 SetDlgItemTextW 24065->24069 24077 46d249 24066->24077 24100 46d26e 24066->24100 24074 46d3dd 24068->24074 24089 46d3d5 SendMessageW 24068->24089 24069->24048 24071->24076 24072 46d2c7 24083 46d884 97 API calls 24072->24083 24074->24076 24085 45f937 53 API calls 24074->24085 24075 46cc89 24081 46cc92 GetLastError 24075->24081 24082 46cca0 24075->24082 24303 46aef5 32 API calls 24077->24303 24079 46d3ac 24306 4512b3 GetDlgItem EnableWindow 24079->24306 24080->24062 24088 45f937 53 API calls 24080->24088 24081->24082 24084 46cd17 24082->24084 24090 46ccb0 GetTickCount 24082->24090 24091 46cd26 24082->24091 24083->24101 24084->24091 24094 46cf52 24084->24094 24092 46ca52 24085->24092 24086 46d262 24086->24100 24093 46d0cc 24088->24093 24089->24074 24190 454a20 24090->24190 24096 46cd3f GetModuleFileNameW 24091->24096 24097 46ceed 24091->24097 24103 46cef7 24091->24103 24092->24034 24092->24076 24102 454a20 _swprintf 51 API calls 24093->24102 24208 4512d1 GetDlgItem ShowWindow 24094->24208 24095 46d365 24304 46aef5 32 API calls 24095->24304 24297 4605ed 82 API calls 24096->24297 24097->24006 24097->24103 24100->24072 24108 46d884 97 API calls 24100->24108 24101->24054 24101->24095 24111 45f937 53 API calls 24101->24111 24102->24062 24107 45f937 53 API calls 24103->24107 24106 46d384 24106->24054 24114 46cf01 24107->24114 24115 46d29c 24108->24115 24109 46cf62 24209 4512d1 GetDlgItem ShowWindow 24109->24209 24110 46cccd 24193 45a8ce 24110->24193 24111->24101 24113 46cd67 24116 454a20 _swprintf 51 API calls 24113->24116 24117 454a20 _swprintf 51 API calls 24114->24117 24115->24072 24118 46d2a5 DialogBoxParamW 24115->24118 24121 46cd89 CreateFileMappingW 24116->24121 24123 46cf1f 24117->24123 24118->24006 24118->24072 24119 46cf6c 24210 45f937 24119->24210 24124 46cde7 GetCommandLineW 24121->24124 24125 46ce5e __InternalCxxFrameHandler 24121->24125 24134 45f937 53 API calls 24123->24134 24130 46cdf8 24124->24130 24128 46ce69 ShellExecuteExW 24125->24128 24127 46ccf3 24131 46ccfa GetLastError 24127->24131 24132 46cd05 24127->24132 24152 46ce84 24128->24152 24298 46c615 SHGetMalloc 24130->24298 24131->24132 24201 45a801 24132->24201 24140 46cf39 24134->24140 24135 46cf88 SetDlgItemTextW GetDlgItem 24137 46cfa5 GetWindowLongW SetWindowLongW 24135->24137 24138 46cfbd 24135->24138 24137->24138 24215 46d884 24138->24215 24139 46ce14 24299 46c615 SHGetMalloc 24139->24299 24144 46ce20 24300 46c615 SHGetMalloc 24144->24300 24146 46d884 97 API calls 24148 46cfd9 24146->24148 24147 46cec7 24147->24097 24150 46cedd UnmapViewOfFile CloseHandle 24147->24150 24240 46eba2 24148->24240 24149 46ce2c 24301 46069c 82 API calls 24149->24301 24150->24097 24152->24147 24156 46ceb3 Sleep 24152->24156 24154 46ce3d MapViewOfFile 24154->24125 24156->24147 24156->24152 24157 46d884 97 API calls 24160 46cfff 24157->24160 24158 46d028 24302 4512b3 GetDlgItem EnableWindow 24158->24302 24160->24158 24162 46d884 97 API calls 24160->24162 24161->24006 24161->24026 24162->24158 24164 4512ff 24163->24164 24165 451358 24163->24165 24167 451365 24164->24167 24307 45f608 62 API calls 2 library calls 24164->24307 24308 45f5e1 GetWindowLongW SetWindowLongW 24165->24308 24167->23996 24167->23997 24167->24076 24169 451321 24169->24167 24170 451334 GetDlgItem 24169->24170 24170->24167 24171 451344 24170->24171 24171->24167 24172 45134a SetWindowTextW 24171->24172 24172->24167 24309 46c758 PeekMessageW 24173->24309 24176 46e647 24180 46e652 ShowWindow SendMessageW SendMessageW 24176->24180 24177 46e67b SendMessageW SendMessageW 24178 46e6d6 SendMessageW SendMessageW SendMessageW 24177->24178 24179 46e6b7 24177->24179 24181 46e72c SendMessageW 24178->24181 24182 46e709 SendMessageW 24178->24182 24179->24178 24180->24177 24181->24043 24182->24181 24186 45b34b 24183->24186 24184 45b405 24184->24063 24184->24064 24185 45b3dc 24185->24184 24187 45b542 8 API calls 24185->24187 24186->24184 24186->24185 24314 45b542 24186->24314 24187->24184 24189->24075 24341 4549f3 24190->24341 24194 45a8d8 24193->24194 24195 45a935 CreateFileW 24194->24195 24196 45a929 24194->24196 24195->24196 24197 45a97f 24196->24197 24198 45cf32 GetCurrentDirectoryW 24196->24198 24197->24127 24199 45a964 24198->24199 24199->24197 24200 45a968 CreateFileW 24199->24200 24200->24197 24202 45a825 24201->24202 24207 45a836 24201->24207 24203 45a831 24202->24203 24204 45a838 24202->24204 24202->24207 24428 45a9ae 24203->24428 24433 45a880 24204->24433 24207->24084 24208->24109 24209->24119 24211 45f947 24210->24211 24448 45f968 24211->24448 24214 4512d1 GetDlgItem ShowWindow 24214->24135 24216 46d88e __EH_prolog 24215->24216 24217 46cfcb 24216->24217 24471 46c504 24216->24471 24217->24146 24220 46c504 ExpandEnvironmentStringsW 24226 46d8c5 _wcslen _wcsrchr 24220->24226 24221 46dbac SetWindowTextW 24221->24226 24226->24217 24226->24220 24226->24221 24227 46d99a SetFileAttributesW 24226->24227 24230 46d9b4 _abort _wcslen 24226->24230 24475 463316 CompareStringW 24226->24475 24476 47521e 24226->24476 24489 46b65d GetCurrentDirectoryW 24226->24489 24491 45b9ca 6 API calls 24226->24491 24492 45b953 FindClose 24226->24492 24493 46c67e 24226->24493 24229 46da54 GetFileAttributesW 24227->24229 24227->24230 24229->24226 24232 46da66 DeleteFileW 24229->24232 24230->24226 24230->24229 24233 46dd76 GetDlgItem SetWindowTextW SendMessageW 24230->24233 24236 46ddb6 SendMessageW 24230->24236 24490 45cdc0 51 API calls 2 library calls 24230->24490 24232->24226 24234 46da77 24232->24234 24233->24230 24235 454a20 _swprintf 51 API calls 24234->24235 24237 46da97 GetFileAttributesW 24235->24237 24236->24226 24237->24234 24238 46daac MoveFileW 24237->24238 24238->24226 24239 46dac4 MoveFileExW 24238->24239 24239->24226 24241 46ebac __EH_prolog 24240->24241 24511 461983 24241->24511 24243 46ebdd 24515 4564ed 24243->24515 24245 46ebfb 24519 458823 24245->24519 24249 46ec4e 24537 45890a 24249->24537 24251 46cfea 24251->24157 24253 46e7f8 24252->24253 25088 46b5d6 24253->25088 24256 46e805 GetWindow 24257 46d111 24256->24257 24260 46e825 24256->24260 24257->24002 24257->24003 24258 46e832 GetClassNameW 25093 463316 CompareStringW 24258->25093 24260->24257 24260->24258 24261 46e856 GetWindowLongW 24260->24261 24262 46e8ba GetWindow 24260->24262 24261->24262 24263 46e866 SendMessageW 24261->24263 24262->24257 24262->24260 24263->24262 24264 46e87c GetObjectW 24263->24264 25094 46b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 24264->25094 24266 46e893 25095 46b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 24266->25095 25096 46b81c 8 API calls 24266->25096 24269 46e8a4 SendMessageW DeleteObject 24269->24262 24270->24017 24272 46bc06 24271->24272 24273 46bbe1 24271->24273 24274 46bc14 24272->24274 24275 46bc0b SHAutoComplete 24272->24275 25099 463316 CompareStringW 24273->25099 24279 46c217 24274->24279 24275->24274 24277 46bbf4 24277->24272 24278 46bbf8 FindWindowExW 24277->24278 24278->24272 24280 46c221 __EH_prolog 24279->24280 24281 4513f8 43 API calls 24280->24281 24282 46c243 24281->24282 25100 452083 24282->25100 24285 46c26c 24288 451a7e 142 API calls 24285->24288 24286 46c25d 24287 451641 86 API calls 24286->24287 24289 46c268 24287->24289 24290 46c28b __InternalCxxFrameHandler ___std_exception_copy 24288->24290 24289->24045 24289->24047 24291 451641 86 API calls 24290->24291 24291->24289 24292->24092 25108 45b4d3 24293->25108 24296->24050 24297->24113 24298->24139 24299->24144 24300->24149 24301->24154 24302->24161 24303->24086 24304->24106 24305->24079 24306->24068 24307->24169 24308->24167 24310 46c773 GetMessageW 24309->24310 24311 46c7ac GetDlgItem 24309->24311 24312 46c798 TranslateMessage DispatchMessageW 24310->24312 24313 46c789 IsDialogMessageW 24310->24313 24311->24176 24311->24177 24312->24311 24313->24311 24313->24312 24315 45b54f 24314->24315 24316 45b573 24315->24316 24317 45b566 CreateDirectoryW 24315->24317 24318 45b4c1 3 API calls 24316->24318 24317->24316 24319 45b5a6 24317->24319 24320 45b579 24318->24320 24323 45b5b5 24319->24323 24331 45b8e6 24319->24331 24321 45b5b9 GetLastError 24320->24321 24327 45cf32 24320->24327 24321->24323 24323->24186 24325 45b58f 24325->24321 24326 45b593 CreateDirectoryW 24325->24326 24326->24319 24326->24321 24328 45cf3f _wcslen 24327->24328 24329 45cfe7 GetCurrentDirectoryW 24328->24329 24330 45cf68 _wcslen 24328->24330 24329->24330 24330->24325 24339 46ffd0 24331->24339 24334 45b936 24334->24323 24335 45b909 24336 45cf32 GetCurrentDirectoryW 24335->24336 24337 45b91d 24336->24337 24337->24334 24338 45b921 SetFileAttributesW 24337->24338 24338->24334 24340 45b8f3 SetFileAttributesW 24339->24340 24340->24334 24340->24335 24342 454a0a __vswprintf_c_l 24341->24342 24345 4772e2 24342->24345 24348 4753a5 24345->24348 24349 4753e5 24348->24349 24350 4753cd 24348->24350 24349->24350 24352 4753ed 24349->24352 24372 47a7eb 20 API calls _free 24350->24372 24374 475944 24352->24374 24353 4753d2 24373 4751b9 26 API calls _abort 24353->24373 24357 4753dd 24365 470d7c 24357->24365 24360 475475 24383 475cf4 51 API calls 3 library calls 24360->24383 24361 454a14 24361->24110 24364 475480 24384 4759c7 20 API calls _free 24364->24384 24366 470d85 IsProcessorFeaturePresent 24365->24366 24367 470d84 24365->24367 24369 470dc7 24366->24369 24367->24361 24385 470d8a SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 24369->24385 24371 470eaa 24371->24361 24372->24353 24373->24357 24375 475961 24374->24375 24381 4753fd 24374->24381 24375->24381 24386 47a515 GetLastError 24375->24386 24377 475982 24406 47aaf6 38 API calls __fassign 24377->24406 24379 47599b 24407 47ab23 38 API calls __fassign 24379->24407 24382 47590f 20 API calls 2 library calls 24381->24382 24382->24360 24383->24364 24384->24357 24385->24371 24387 47a531 24386->24387 24388 47a52b 24386->24388 24392 47a580 SetLastError 24387->24392 24409 47c2f6 24387->24409 24408 47c01b 11 API calls 2 library calls 24388->24408 24392->24377 24393 47a54b 24416 47a66a 24393->24416 24395 47a560 24395->24393 24397 47a567 24395->24397 24423 47a380 20 API calls _abort 24397->24423 24398 47a551 24400 47a58c SetLastError 24398->24400 24424 47a0f4 38 API calls _abort 24400->24424 24401 47a572 24403 47a66a _free 20 API calls 24401->24403 24405 47a579 24403->24405 24405->24392 24405->24400 24406->24379 24407->24381 24408->24387 24415 47c303 _abort 24409->24415 24410 47c343 24426 47a7eb 20 API calls _free 24410->24426 24411 47c32e RtlAllocateHeap 24413 47a543 24411->24413 24411->24415 24413->24393 24422 47c071 11 API calls 2 library calls 24413->24422 24415->24410 24415->24411 24425 478e5c 7 API calls 2 library calls 24415->24425 24417 47a675 RtlFreeHeap 24416->24417 24421 47a69e _free 24416->24421 24418 47a68a 24417->24418 24417->24421 24427 47a7eb 20 API calls _free 24418->24427 24420 47a690 GetLastError 24420->24421 24421->24398 24422->24395 24423->24401 24425->24415 24426->24413 24427->24420 24429 45a9e1 24428->24429 24430 45a9b7 24428->24430 24429->24207 24430->24429 24439 45b470 24430->24439 24434 45a88c 24433->24434 24437 45a8aa 24433->24437 24436 45a898 FindCloseChangeNotification 24434->24436 24434->24437 24435 45a8c9 24435->24207 24436->24437 24437->24435 24447 457685 76 API calls 24437->24447 24440 46ffd0 24439->24440 24441 45b47d DeleteFileW 24440->24441 24442 45b490 24441->24442 24443 45a9df 24441->24443 24444 45cf32 GetCurrentDirectoryW 24442->24444 24443->24207 24445 45b4a4 24444->24445 24445->24443 24446 45b4a8 DeleteFileW 24445->24446 24446->24443 24447->24435 24454 45ecd0 24448->24454 24451 45f965 SetDlgItemTextW 24451->24214 24452 45f98b LoadStringW 24452->24451 24453 45f9a2 LoadStringW 24452->24453 24453->24451 24459 45ec0c 24454->24459 24456 45eced 24457 45ed02 24456->24457 24467 45ed10 26 API calls 24456->24467 24457->24451 24457->24452 24460 45ec24 24459->24460 24465 45eca4 _strncpy 24459->24465 24462 45ec48 24460->24462 24468 4630f5 WideCharToMultiByte 24460->24468 24466 45ec79 24462->24466 24469 45f8d1 50 API calls __vsnprintf 24462->24469 24465->24456 24470 477571 26 API calls 3 library calls 24466->24470 24467->24457 24468->24462 24469->24466 24470->24465 24472 46c50e 24471->24472 24473 46c5e0 ExpandEnvironmentStringsW 24472->24473 24474 46c5fd 24472->24474 24473->24474 24474->24226 24475->24226 24477 47a6a4 24476->24477 24478 47a6b1 24477->24478 24479 47a6bc 24477->24479 24499 47a7fe 24478->24499 24481 47a6c4 24479->24481 24487 47a6cd _abort 24479->24487 24482 47a66a _free 20 API calls 24481->24482 24485 47a6b9 24482->24485 24483 47a6f7 HeapReAlloc 24483->24485 24483->24487 24484 47a6d2 24506 47a7eb 20 API calls _free 24484->24506 24485->24226 24487->24483 24487->24484 24507 478e5c 7 API calls 2 library calls 24487->24507 24489->24226 24490->24230 24491->24226 24492->24226 24494 46c688 ___std_exception_copy 24493->24494 24497 46c6a7 _wcslen 24494->24497 24510 45775a 75 API calls 24494->24510 24496 46c504 ExpandEnvironmentStringsW 24496->24497 24497->24496 24498 46c749 24497->24498 24498->24226 24500 47a83c 24499->24500 24504 47a80c _abort 24499->24504 24509 47a7eb 20 API calls _free 24500->24509 24502 47a827 RtlAllocateHeap 24503 47a83a 24502->24503 24502->24504 24503->24485 24504->24500 24504->24502 24508 478e5c 7 API calls 2 library calls 24504->24508 24506->24485 24507->24487 24508->24504 24509->24503 24510->24497 24512 461990 _wcslen 24511->24512 24546 451895 24512->24546 24514 4619a8 24514->24243 24516 461983 _wcslen 24515->24516 24517 451895 78 API calls 24516->24517 24518 4619a8 24517->24518 24518->24245 24520 45882d __EH_prolog 24519->24520 24559 45e298 24520->24559 24522 458855 24565 46febe 24522->24565 24524 458899 _abort 24525 46febe 27 API calls 24524->24525 24526 4588c0 24525->24526 24578 465c64 24526->24578 24529 458a38 24531 458a42 24529->24531 24530 458b1a 24535 458b5c 24530->24535 24617 451397 74 API calls 24530->24617 24533 458ab5 24531->24533 24611 45b966 24531->24611 24533->24530 24589 4590a2 24533->24589 24535->24249 25084 45a41a 24537->25084 24539 45892b 24540 463546 86 API calls 24539->24540 24541 45893c Concurrency::cancel_current_task 24539->24541 24540->24541 24542 452111 26 API calls 24541->24542 24543 458963 24542->24543 24544 45e339 86 API calls 24543->24544 24545 45896b 24544->24545 24545->24251 24547 4518ff 24546->24547 24548 4518a7 24546->24548 24547->24514 24549 4518d0 24548->24549 24556 4576e9 76 API calls __vswprintf_c_l 24548->24556 24551 47521e 22 API calls 24549->24551 24553 4518f0 24551->24553 24552 4518c6 24557 45775a 75 API calls 24552->24557 24553->24547 24558 45775a 75 API calls 24553->24558 24556->24552 24557->24549 24558->24547 24560 45e2a2 __EH_prolog 24559->24560 24561 46febe 27 API calls 24560->24561 24563 45e2e5 24561->24563 24562 46febe 27 API calls 24564 45e309 24562->24564 24563->24562 24564->24522 24566 46fec3 ___std_exception_copy 24565->24566 24567 46fedd 24566->24567 24569 46fedf 24566->24569 24586 478e5c 7 API calls 2 library calls 24566->24586 24567->24524 24570 4548f5 Concurrency::cancel_current_task 24569->24570 24572 46fee9 24569->24572 24584 473340 RaiseException 24570->24584 24587 473340 RaiseException 24572->24587 24573 454911 24577 454927 24573->24577 24585 45136b 26 API calls Concurrency::cancel_current_task 24573->24585 24575 470820 24577->24524 24579 465c6e __EH_prolog 24578->24579 24580 46febe 27 API calls 24579->24580 24581 465c8a 24580->24581 24582 4588f2 24581->24582 24588 462166 80 API calls 24581->24588 24582->24529 24584->24573 24585->24577 24586->24566 24587->24575 24588->24582 24590 4590ac __EH_prolog 24589->24590 24618 4513f8 24590->24618 24592 4590c8 24593 4590d9 24592->24593 24780 45b1d2 24592->24780 24597 459110 24593->24597 24628 451ad3 24593->24628 24596 45910c 24596->24597 24647 452032 24596->24647 24772 451641 24597->24772 24601 4591b2 24651 45924e 24601->24651 24605 459211 24605->24597 24659 454264 24605->24659 24671 4592c6 24605->24671 24608 45b966 7 API calls 24610 459139 24608->24610 24610->24601 24610->24608 24784 45d4d2 CompareStringW _wcslen 24610->24784 24612 45b97b 24611->24612 24613 45b9a9 24612->24613 25073 45ba94 24612->25073 24613->24531 24615 45b98b 24615->24613 24616 45b990 FindClose 24615->24616 24616->24613 24617->24535 24619 4513fd __EH_prolog 24618->24619 24620 45e298 27 API calls 24619->24620 24621 451437 24620->24621 24622 46febe 27 API calls 24621->24622 24625 4514ab 24621->24625 24624 451498 24622->24624 24624->24625 24785 45644d 24624->24785 24793 45c1f7 24625->24793 24626 451533 _abort 24626->24592 24629 451add __EH_prolog 24628->24629 24641 451b30 24629->24641 24644 451c63 24629->24644 24818 4513d9 24629->24818 24631 451c9e 24821 451397 74 API calls 24631->24821 24634 454264 115 API calls 24638 451ce9 24634->24638 24635 451cab 24635->24634 24635->24644 24636 451d31 24640 451d64 24636->24640 24636->24644 24822 451397 74 API calls 24636->24822 24638->24636 24639 454264 115 API calls 24638->24639 24639->24638 24640->24644 24645 45b110 79 API calls 24640->24645 24641->24631 24641->24635 24641->24644 24642 454264 115 API calls 24643 451db5 24642->24643 24643->24642 24643->24644 24644->24596 24645->24643 24646 45b110 79 API calls 24646->24641 24648 452037 __EH_prolog 24647->24648 24650 452068 24648->24650 24836 451a7e 24648->24836 24650->24610 24982 45e395 24651->24982 24653 45925e 24986 462701 GetSystemTime SystemTimeToFileTime 24653->24986 24655 4591cc 24655->24605 24656 462eb4 24655->24656 24987 46efab 24656->24987 24660 454274 24659->24660 24661 454270 24659->24661 24670 45b110 79 API calls 24660->24670 24661->24605 24662 454286 24663 4542a1 24662->24663 24664 4542af 24662->24664 24665 4542e1 24663->24665 24995 45395a 103 API calls 3 library calls 24663->24995 24996 452eb6 115 API calls 3 library calls 24664->24996 24665->24605 24668 4542ad 24668->24665 24997 452544 74 API calls 24668->24997 24670->24662 24672 4592d0 __EH_prolog 24671->24672 24675 45930e 24672->24675 24690 45973d Concurrency::cancel_current_task 24672->24690 25016 469cad 117 API calls 24672->25016 24674 45a18d 24676 45a1c5 24674->24676 24677 45a192 24674->24677 24675->24674 24679 45932f 24675->24679 24675->24690 24676->24690 25046 469cad 117 API calls 24676->25046 24677->24690 25045 458675 166 API calls 24677->25045 24679->24690 24998 4566df 24679->24998 24682 459545 24687 459669 24682->24687 24682->24690 25019 458f6b 38 API calls 24682->25019 24684 459405 24684->24682 25017 45b5d6 57 API calls 3 library calls 24684->25017 24692 45b966 7 API calls 24687->24692 24694 4596db 24687->24694 24689 4595ac 25018 478a18 26 API calls 2 library calls 24689->25018 24690->24605 24692->24694 24693 459935 25026 45e4a9 96 API calls 24693->25026 25004 4589c8 24694->25004 24697 45976c 24720 4597c5 24697->24720 25020 454727 27 API calls 2 library calls 24697->25020 24700 459990 24701 459a3a 24700->24701 24707 4599bb 24700->24707 24705 459a8c 24701->24705 24718 459a45 24701->24718 24703 4598f4 Concurrency::cancel_current_task 24703->24700 25027 45851f 50 API calls 2 library calls 24703->25027 24709 459a2c 24705->24709 25030 458db3 119 API calls 24705->25030 24706 459a8a 24710 45a801 80 API calls 24706->24710 24708 459ae8 24707->24708 24707->24709 24712 45b4c1 3 API calls 24707->24712 24731 459b53 24708->24731 24759 45a14a 24708->24759 25031 45ab1c 24708->25031 24709->24706 24709->24708 24710->24690 24711 45a801 80 API calls 24711->24690 24714 4599f3 24712->24714 24714->24709 25028 45a50a 97 API calls 24714->25028 24715 45bf0a 27 API calls 24719 459ba2 24715->24719 24718->24706 25029 458b7c 123 API calls 24718->25029 24723 45bf0a 27 API calls 24719->24723 24720->24690 24720->24703 24721 4598ed 24720->24721 25021 4587fb 41 API calls 24720->25021 25022 45e4a9 96 API calls 24720->25022 25023 45237a 74 API calls 24720->25023 25024 458f28 98 API calls 24720->25024 25025 45237a 74 API calls 24721->25025 24728 459bb8 24723->24728 24732 459c8b 24728->24732 24743 459c62 24728->24743 24751 45aa7a 79 API calls 24728->24751 24729 459b41 25035 457951 77 API calls 24729->25035 24731->24715 24733 459e85 24732->24733 24734 459ce7 24732->24734 24735 459e97 24733->24735 24736 459eab 24733->24736 24757 459d20 24733->24757 24737 459cff 24734->24737 24742 459da7 24734->24742 24738 45a475 137 API calls 24735->24738 24740 464586 75 API calls 24736->24740 24739 459d46 24737->24739 24744 459d0e 24737->24744 24738->24757 24739->24757 25038 45829b 111 API calls 24739->25038 24741 459ec4 24740->24741 24745 46422f 137 API calls 24741->24745 25039 458f6b 38 API calls 24742->25039 24743->24732 25036 45ac9c 82 API calls 24743->25036 25037 45237a 74 API calls 24744->25037 24745->24757 24749 459e76 24749->24605 24751->24743 24752 459dec 24753 459e1f 24752->24753 24754 459e08 24752->24754 24752->24757 25041 45a212 103 API calls __EH_prolog 24753->25041 25040 458037 85 API calls 24754->25040 24757->24749 24763 459fca 24757->24763 25042 45237a 74 API calls 24757->25042 24759->24711 24760 45a083 25011 45b032 24760->25011 24761 45b8e6 3 API calls 24762 45a130 24761->24762 24762->24759 25043 45237a 74 API calls 24762->25043 24763->24759 24763->24760 24770 45a0d5 24763->24770 25010 45b199 SetEndOfFile 24763->25010 24766 45a0ca 24768 45a880 77 API calls 24766->24768 24768->24770 24769 45a140 25044 457871 76 API calls 24769->25044 24770->24759 24770->24761 24773 451653 24772->24773 24775 451665 Concurrency::cancel_current_task 24772->24775 24773->24775 25060 4516b2 24773->25060 24776 452111 26 API calls 24775->24776 24777 451694 24776->24777 25063 45e339 24777->25063 24781 45b1e9 24780->24781 24782 45b1f3 24781->24782 25072 4577af 78 API calls 24781->25072 24782->24593 24784->24610 24786 456457 __EH_prolog 24785->24786 24799 45c9d8 GetCurrentProcess GetProcessAffinityMask 24786->24799 24788 456464 24800 4604e5 24788->24800 24790 4564bb 24804 45665c GetCurrentProcess GetProcessAffinityMask 24790->24804 24792 4564d8 24792->24625 24794 45c20d _abort 24793->24794 24806 45c0d3 24794->24806 24799->24788 24801 4604ef __EH_prolog 24800->24801 24805 454846 41 API calls 24801->24805 24803 46050b 24803->24790 24804->24792 24805->24803 24813 45c0b4 24806->24813 24808 45c148 24809 452111 24808->24809 24810 45211c 24809->24810 24811 45212b 24809->24811 24817 45136b 26 API calls Concurrency::cancel_current_task 24810->24817 24811->24626 24814 45c0c2 24813->24814 24815 45c0bd 24813->24815 24814->24808 24816 452111 26 API calls 24815->24816 24816->24814 24817->24811 24823 451822 24818->24823 24821->24644 24822->24640 24824 451834 24823->24824 24825 4513f2 24823->24825 24826 45185d 24824->24826 24833 4576e9 76 API calls __vswprintf_c_l 24824->24833 24825->24646 24828 47521e 22 API calls 24826->24828 24830 45187a 24828->24830 24829 451853 24834 45775a 75 API calls 24829->24834 24830->24825 24835 45775a 75 API calls 24830->24835 24833->24829 24834->24826 24835->24825 24837 451a8e 24836->24837 24838 451a8a 24836->24838 24840 4519c5 24837->24840 24838->24650 24841 4519d7 24840->24841 24842 451a14 24840->24842 24843 454264 115 API calls 24841->24843 24848 4546ce 24842->24848 24844 4519f7 24843->24844 24844->24838 24852 4546d7 24848->24852 24849 454264 115 API calls 24849->24852 24850 451a35 24850->24844 24853 451f30 24850->24853 24852->24849 24852->24850 24865 462128 24852->24865 24854 451f3a __EH_prolog 24853->24854 24873 4542f1 24854->24873 24856 451f61 24857 451822 78 API calls 24856->24857 24859 451fe8 24856->24859 24858 451f78 24857->24858 24901 45190b 78 API calls 24858->24901 24859->24844 24861 451f90 24863 451f9c _wcslen 24861->24863 24902 462ed2 MultiByteToWideChar 24861->24902 24903 45190b 78 API calls 24863->24903 24866 46212f 24865->24866 24867 46214a 24866->24867 24871 4576e4 RaiseException CallUnexpected 24866->24871 24869 46215b SetThreadExecutionState 24867->24869 24872 4576e4 RaiseException CallUnexpected 24867->24872 24869->24852 24871->24867 24872->24869 24874 4542fb __EH_prolog 24873->24874 24875 454311 24874->24875 24876 45432d 24874->24876 24929 451397 74 API calls 24875->24929 24878 454588 24876->24878 24881 454359 24876->24881 24949 451397 74 API calls 24878->24949 24880 45431c 24880->24856 24881->24880 24904 464586 24881->24904 24883 4543da 24885 454465 24883->24885 24900 4543d1 24883->24900 24932 45e4a9 96 API calls 24883->24932 24884 4543d6 24884->24883 24931 45252a 78 API calls 24884->24931 24914 45bf0a 24885->24914 24887 4543c6 24930 451397 74 API calls 24887->24930 24888 4543a8 24888->24883 24888->24884 24888->24887 24890 454478 24894 45450e 24890->24894 24895 4544fe 24890->24895 24933 46422f 24894->24933 24918 45a475 24895->24918 24898 45450c 24898->24900 24942 45237a 74 API calls 24898->24942 24943 463546 24900->24943 24901->24861 24902->24863 24903->24859 24905 46459b 24904->24905 24908 4645a5 ___std_exception_copy 24904->24908 24950 45775a 75 API calls 24905->24950 24907 4646d5 24952 473340 RaiseException 24907->24952 24908->24907 24909 46462b 24908->24909 24913 46464f _abort 24908->24913 24951 4644b9 75 API calls 3 library calls 24909->24951 24912 464701 24913->24888 24915 45bf18 24914->24915 24917 45bf22 24914->24917 24916 46febe 27 API calls 24915->24916 24916->24917 24917->24890 24919 45a47f __EH_prolog 24918->24919 24953 458a1f 24919->24953 24922 4513d9 78 API calls 24923 45a492 24922->24923 24956 45e56c 24923->24956 24925 45a4ee 24925->24898 24927 45e56c 132 API calls 24928 45a4a5 24927->24928 24928->24925 24928->24927 24965 45e758 97 API calls __InternalCxxFrameHandler 24928->24965 24929->24880 24930->24900 24931->24883 24932->24885 24934 464261 24933->24934 24935 464238 24933->24935 24941 464255 24934->24941 24980 4666d4 137 API calls 2 library calls 24934->24980 24936 464257 24935->24936 24938 46424d 24935->24938 24935->24941 24979 4673ae 132 API calls 24936->24979 24966 467ddc 24938->24966 24941->24898 24942->24900 24944 463550 24943->24944 24945 463569 24944->24945 24948 46357d 24944->24948 24981 46220d 86 API calls 24945->24981 24947 463570 Concurrency::cancel_current_task 24947->24948 24949->24880 24950->24908 24951->24913 24952->24912 24954 45c619 GetVersionExW 24953->24954 24955 458a24 24954->24955 24955->24922 24962 45e582 __InternalCxxFrameHandler 24956->24962 24957 45e726 24960 462128 SetThreadExecutionState RaiseException 24957->24960 24958 45e6f2 24958->24957 24959 45e523 6 API calls 24958->24959 24959->24957 24963 45e6e9 24960->24963 24961 469cad 117 API calls 24961->24962 24962->24958 24962->24961 24962->24963 24964 45bff5 91 API calls 24962->24964 24963->24928 24964->24962 24965->24928 24967 4647ad 75 API calls 24966->24967 24968 467ded __InternalCxxFrameHandler 24967->24968 24968->24968 24969 45e56c 132 API calls 24968->24969 24970 4681fe 24968->24970 24973 4624ef 81 API calls 24968->24973 24974 465011 132 API calls 24968->24974 24975 468253 132 API calls 24968->24975 24976 4622a6 88 API calls 24968->24976 24977 464b1c 98 API calls 24968->24977 24978 4688af 137 API calls 24968->24978 24969->24968 24971 4663b9 98 API calls 24970->24971 24972 46820e __InternalCxxFrameHandler 24971->24972 24972->24941 24973->24968 24974->24968 24975->24968 24976->24968 24977->24968 24978->24968 24979->24941 24980->24941 24981->24947 24983 45e3a5 24982->24983 24985 45e3ac 24982->24985 24984 45aa7a 79 API calls 24983->24984 24984->24985 24985->24653 24986->24655 24988 46efb8 24987->24988 24989 45f937 53 API calls 24988->24989 24990 46efdb 24989->24990 24991 454a20 _swprintf 51 API calls 24990->24991 24992 46efed 24991->24992 24993 46e619 16 API calls 24992->24993 24994 462eca 24993->24994 24994->24605 24995->24668 24996->24668 24997->24665 24999 4566ef 24998->24999 25047 4565fb 24999->25047 25001 45675a 25001->24684 25002 456722 25002->25001 25052 45c6af CharUpperW CompareStringW ___vcrt_FlsSetValue _wcslen 25002->25052 25005 4589dd 25004->25005 25006 458a15 25005->25006 25058 457931 74 API calls 25005->25058 25006->24690 25006->24693 25006->24697 25008 458a0d 25059 451397 74 API calls 25008->25059 25010->24760 25012 45b043 25011->25012 25015 45b052 25011->25015 25013 45b049 FlushFileBuffers 25012->25013 25012->25015 25013->25015 25014 45b0cf SetFileTime 25014->24766 25015->25014 25016->24675 25017->24689 25018->24682 25019->24687 25020->24720 25021->24720 25022->24720 25023->24720 25024->24720 25025->24703 25026->24703 25027->24700 25028->24709 25029->24706 25030->24709 25032 45ab25 GetFileType 25031->25032 25033 459b2b 25031->25033 25032->25033 25033->24731 25034 45237a 74 API calls 25033->25034 25034->24729 25035->24731 25036->24732 25037->24757 25038->24757 25039->24752 25040->24757 25041->24757 25042->24763 25043->24769 25044->24759 25045->24690 25046->24690 25053 4564f8 25047->25053 25050 45661c 25050->25002 25051 4564f8 2 API calls 25051->25050 25052->25002 25056 456502 25053->25056 25054 4565ea 25054->25050 25054->25051 25056->25054 25057 45c6af CharUpperW CompareStringW ___vcrt_FlsSetValue _wcslen 25056->25057 25057->25056 25058->25008 25059->25006 25069 4520ed 26 API calls Concurrency::cancel_current_task 25060->25069 25062 4516c0 25064 45e34a Concurrency::cancel_current_task 25063->25064 25070 45bd8e 86 API calls Concurrency::cancel_current_task 25064->25070 25066 45e37c 25071 45bd8e 86 API calls Concurrency::cancel_current_task 25066->25071 25068 45e387 25069->25062 25070->25066 25071->25068 25072->24782 25074 45baa1 25073->25074 25075 45bb20 FindNextFileW 25074->25075 25076 45baba FindFirstFileW 25074->25076 25078 45bb2b GetLastError 25075->25078 25083 45bb02 25075->25083 25077 45bac9 25076->25077 25076->25083 25079 45cf32 GetCurrentDirectoryW 25077->25079 25078->25083 25080 45bad9 25079->25080 25081 45baf7 GetLastError 25080->25081 25082 45badd FindFirstFileW 25080->25082 25081->25083 25082->25081 25082->25083 25083->24615 25086 45a425 25084->25086 25087 45a458 _abort 25084->25087 25085 45b470 3 API calls 25085->25086 25086->25085 25086->25087 25087->24539 25097 46b5f4 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25088->25097 25090 46b5dd 25091 46b5e9 25090->25091 25098 46b615 GetDC GetDeviceCaps GetDeviceCaps ReleaseDC 25090->25098 25091->24256 25091->24257 25093->24260 25094->24266 25095->24266 25096->24269 25097->25090 25098->25091 25099->24277 25101 45b1d2 78 API calls 25100->25101 25102 45208f 25101->25102 25103 451ad3 115 API calls 25102->25103 25106 4520ac 25102->25106 25104 45209c 25103->25104 25104->25106 25107 451397 74 API calls 25104->25107 25106->24285 25106->24286 25107->25106 25109 46ffd0 25108->25109 25110 45b4e0 GetFileAttributesW 25109->25110 25111 45b4f1 25110->25111 25112 45b4ca 25110->25112 25113 45cf32 GetCurrentDirectoryW 25111->25113 25112->24050 25112->24059 25114 45b505 25113->25114 25114->25112 25115 45b509 GetFileAttributesW 25114->25115 25115->25112 26045 46d8d8 97 API calls 4 library calls 26089 474bd0 5 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 26047 4821d5 21 API calls 2 library calls 26048 46bde0 73 API calls 26090 4773e0 QueryPerformanceFrequency QueryPerformanceCounter 26069 47c66e 27 API calls __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 26070 46c2f3 78 API calls 25196 47ccf0 25197 47cd02 25196->25197 25198 47ccf9 25196->25198 25200 47cbe7 25198->25200 25201 47a515 _abort 38 API calls 25200->25201 25202 47cbf4 25201->25202 25220 47cd0e 25202->25220 25204 47cbfc 25229 47c97b 25204->25229 25207 47cc13 25207->25197 25208 47a7fe __vsnwprintf_l 21 API calls 25209 47cc24 25208->25209 25210 47cc56 25209->25210 25236 47cdb0 25209->25236 25213 47a66a _free 20 API calls 25210->25213 25213->25207 25214 47cc51 25246 47a7eb 20 API calls _free 25214->25246 25216 47cc9a 25216->25210 25247 47c851 26 API calls 25216->25247 25217 47cc6e 25217->25216 25218 47a66a _free 20 API calls 25217->25218 25218->25216 25221 47cd1a __FrameHandler3::FrameUnwindToState 25220->25221 25222 47a515 _abort 38 API calls 25221->25222 25224 47cd24 25222->25224 25227 47cda8 _abort 25224->25227 25228 47a66a _free 20 API calls 25224->25228 25248 47a0f4 38 API calls _abort 25224->25248 25249 47bdf1 EnterCriticalSection 25224->25249 25250 47cd9f LeaveCriticalSection _abort 25224->25250 25227->25204 25228->25224 25230 475944 __fassign 38 API calls 25229->25230 25231 47c98d 25230->25231 25232 47c9ae 25231->25232 25233 47c99c GetOEMCP 25231->25233 25234 47c9c5 25232->25234 25235 47c9b3 GetACP 25232->25235 25233->25234 25234->25207 25234->25208 25235->25234 25237 47c97b 40 API calls 25236->25237 25238 47cdcf 25237->25238 25241 47ce20 IsValidCodePage 25238->25241 25243 47ce45 _abort 25238->25243 25244 47cdd6 25238->25244 25239 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25240 47cc49 25239->25240 25240->25214 25240->25217 25242 47ce32 GetCPInfo 25241->25242 25241->25244 25242->25243 25242->25244 25251 47ca53 GetCPInfo 25243->25251 25244->25239 25246->25210 25247->25210 25249->25224 25250->25224 25252 47cb37 25251->25252 25258 47ca8d 25251->25258 25255 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25252->25255 25257 47cbe3 25255->25257 25257->25244 25261 47db48 25258->25261 25260 47bd38 __vsnwprintf_l 43 API calls 25260->25252 25262 475944 __fassign 38 API calls 25261->25262 25263 47db68 MultiByteToWideChar 25262->25263 25265 47dba6 25263->25265 25266 47dc3e 25263->25266 25268 47a7fe __vsnwprintf_l 21 API calls 25265->25268 25272 47dbc7 _abort __vsnwprintf_l 25265->25272 25267 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25266->25267 25269 47caee 25267->25269 25268->25272 25275 47bd38 25269->25275 25270 47dc38 25280 47bd83 20 API calls _free 25270->25280 25272->25270 25273 47dc0c MultiByteToWideChar 25272->25273 25273->25270 25274 47dc28 GetStringTypeW 25273->25274 25274->25270 25276 475944 __fassign 38 API calls 25275->25276 25277 47bd4b 25276->25277 25281 47bb1b 25277->25281 25280->25266 25282 47bb36 __vsnwprintf_l 25281->25282 25283 47bb5c MultiByteToWideChar 25282->25283 25284 47bb86 25283->25284 25285 47bd10 25283->25285 25288 47a7fe __vsnwprintf_l 21 API calls 25284->25288 25291 47bba7 __vsnwprintf_l 25284->25291 25286 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25285->25286 25287 47bd23 25286->25287 25287->25260 25288->25291 25289 47bbf0 MultiByteToWideChar 25290 47bc5c 25289->25290 25292 47bc09 25289->25292 25317 47bd83 20 API calls _free 25290->25317 25291->25289 25291->25290 25308 47c12c 25292->25308 25296 47bc33 25296->25290 25298 47c12c __vsnwprintf_l 11 API calls 25296->25298 25297 47bc6b 25300 47a7fe __vsnwprintf_l 21 API calls 25297->25300 25301 47bc8c __vsnwprintf_l 25297->25301 25298->25290 25299 47bd01 25316 47bd83 20 API calls _free 25299->25316 25300->25301 25301->25299 25302 47c12c __vsnwprintf_l 11 API calls 25301->25302 25304 47bce0 25302->25304 25304->25299 25305 47bcef WideCharToMultiByte 25304->25305 25305->25299 25306 47bd2f 25305->25306 25318 47bd83 20 API calls _free 25306->25318 25319 47be58 25308->25319 25312 47c19c LCMapStringW 25313 47c15c 25312->25313 25314 470d7c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 5 API calls 25313->25314 25315 47bc20 25314->25315 25315->25290 25315->25296 25315->25297 25316->25290 25317->25285 25318->25290 25320 47be88 25319->25320 25322 47be84 25319->25322 25320->25313 25326 47c1b4 10 API calls 3 library calls 25320->25326 25322->25320 25324 47bea8 25322->25324 25327 47bef4 25322->25327 25323 47beb4 GetProcAddress 25325 47bec4 _abort 25323->25325 25324->25320 25324->25323 25325->25320 25326->25312 25328 47bf15 LoadLibraryExW 25327->25328 25332 47bf0a 25327->25332 25329 47bf32 GetLastError 25328->25329 25330 47bf4a 25328->25330 25329->25330 25333 47bf3d LoadLibraryExW 25329->25333 25331 47bf61 FreeLibrary 25330->25331 25330->25332 25331->25332 25332->25322 25333->25330 26017 4710f0 LocalFree 26050 47d1f0 GetProcessHeap 26051 46edf1 DialogBoxParamW 25334 4513fd 43 API calls 2 library calls 26019 468880 132 API calls 26052 471180 RaiseException _com_error::_com_error CallUnexpected 26071 473e8b 38 API calls 4 library calls 26021 451095 44 API calls 26022 46b090 28 API calls 26054 47b590 21 API calls 2 library calls 26073 473a90 6 API calls 4 library calls 26092 470790 GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___security_init_cookie 25869 46de9d 25871 46df67 25869->25871 25876 46dec0 25869->25876 25870 46c504 ExpandEnvironmentStringsW 25884 46d8d8 _wcslen _wcsrchr 25870->25884 25871->25884 25897 46e8df 25871->25897 25873 46e54f 25875 463316 CompareStringW 25875->25876 25876->25871 25876->25875 25877 46dbac SetWindowTextW 25877->25884 25879 46c67e 76 API calls 25879->25884 25880 47521e 22 API calls 25880->25884 25882 46d9b4 _abort _wcslen 25882->25884 25886 46da54 GetFileAttributesW 25882->25886 25889 46dd76 GetDlgItem SetWindowTextW SendMessageW 25882->25889 25892 46ddb6 SendMessageW 25882->25892 25922 45cdc0 51 API calls 2 library calls 25882->25922 25883 46d99a SetFileAttributesW 25883->25882 25883->25886 25884->25870 25884->25873 25884->25877 25884->25879 25884->25880 25884->25882 25884->25883 25896 463316 CompareStringW 25884->25896 25921 46b65d GetCurrentDirectoryW 25884->25921 25923 45b9ca 6 API calls 25884->25923 25924 45b953 FindClose 25884->25924 25886->25884 25888 46da66 DeleteFileW 25886->25888 25888->25884 25890 46da77 25888->25890 25889->25882 25891 454a20 _swprintf 51 API calls 25890->25891 25893 46da97 GetFileAttributesW 25891->25893 25892->25884 25893->25890 25894 46daac MoveFileW 25893->25894 25894->25884 25895 46dac4 MoveFileExW 25894->25895 25895->25884 25896->25884 25901 46e8e9 _abort _wcslen 25897->25901 25898 46eb37 25898->25884 25899 46eb10 25899->25898 25905 46eb2e ShowWindow 25899->25905 25900 46e9f5 25902 45b4c1 3 API calls 25900->25902 25901->25898 25901->25899 25901->25900 25925 463316 CompareStringW 25901->25925 25904 46ea0a 25902->25904 25906 46ea29 ShellExecuteExW 25904->25906 25926 45cad4 GetFullPathNameW GetFullPathNameW GetCurrentDirectoryW 25904->25926 25905->25898 25906->25898 25913 46ea3c 25906->25913 25908 46ea21 25908->25906 25909 46ea75 25927 46ed8b 6 API calls 25909->25927 25910 46eacb CloseHandle 25911 46eae4 25910->25911 25912 46ead9 25910->25912 25911->25899 25928 463316 CompareStringW 25912->25928 25913->25909 25913->25910 25916 46ea6b ShowWindow 25913->25916 25916->25909 25917 46ea8d 25917->25910 25918 46eaa0 GetExitCodeProcess 25917->25918 25918->25910 25919 46eab3 25918->25919 25919->25910 25921->25884 25922->25882 25923->25884 25924->25884 25925->25900 25926->25908 25927->25917 25928->25911 26024 46a4a0 GetClientRect 26025 47d0a0 GetCommandLineA GetCommandLineW 26055 46d8d8 107 API calls 4 library calls 26056 46f5af 14 API calls ___delayLoadHelper2@8 25966 4510b5 25967 45644d 43 API calls 25966->25967 25968 4510ba 25967->25968 25971 470372 29 API calls 25968->25971 25970 4510c4 25971->25970 26094 46c7b0 100 API calls 26095 470f0f 9 API calls 2 library calls 25977 47bdb0 25978 47bdbb 25977->25978 25979 47c0ca 11 API calls 25978->25979 25980 47bde4 25978->25980 25982 47bde0 25978->25982 25979->25978 25983 47be10 DeleteCriticalSection 25980->25983 25983->25982

                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                            Function 0046F05C Relevance: 42.2, APIs: 17, Strings: 7, Instructions: 202filesleeptimeCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00461B83: GetModuleHandleW.KERNEL32(kernel32), ref: 00461B9C
                                                                                                                                                                                                                              • Part of subcall function 00461B83: GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 00461BAE
                                                                                                                                                                                                                              • Part of subcall function 00461B83: GetProcAddress.KERNEL32(00000000,SetDefaultDllDirectories), ref: 00461BDF
                                                                                                                                                                                                                              • Part of subcall function 0046B65D: GetCurrentDirectoryW.KERNEL32(?,?), ref: 0046B665
                                                                                                                                                                                                                              • Part of subcall function 0046BD1B: OleInitialize.OLE32(00000000), ref: 0046BD34
                                                                                                                                                                                                                              • Part of subcall function 0046BD1B: GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0046BD6B
                                                                                                                                                                                                                              • Part of subcall function 0046BD1B: SHGetMalloc.SHELL32(0049A460), ref: 0046BD75
                                                                                                                                                                                                                            • GetCommandLineW.KERNEL32 ref: 0046F09B
                                                                                                                                                                                                                            • OpenFileMappingW.KERNEL32(000F001F,00000000,winrarsfxmappingfile.tmp), ref: 0046F0C5
                                                                                                                                                                                                                            • MapViewOfFile.KERNEL32(00000000,000F001F,00000000,00000000,00007402), ref: 0046F0D6
                                                                                                                                                                                                                            • UnmapViewOfFile.KERNEL32(00000000), ref: 0046F127
                                                                                                                                                                                                                              • Part of subcall function 0046ED2E: SetEnvironmentVariableW.KERNELBASE(sfxcmd,?), ref: 0046ED44
                                                                                                                                                                                                                              • Part of subcall function 0046ED2E: SetEnvironmentVariableW.KERNEL32(sfxpar,-00000002,00000000,?,?,?,00001000), ref: 0046ED80
                                                                                                                                                                                                                              • Part of subcall function 00460752: _wcslen.LIBCMT ref: 00460776
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000), ref: 0046F12E
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe,00000800), ref: 0046F148
                                                                                                                                                                                                                            • SetEnvironmentVariableW.KERNEL32(sfxname,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe), ref: 0046F154
                                                                                                                                                                                                                            • GetLocalTime.KERNEL32(?), ref: 0046F15F
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046F19E
                                                                                                                                                                                                                            • SetEnvironmentVariableW.KERNEL32(sfxstime,?), ref: 0046F1B3
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(00000000), ref: 0046F1BA
                                                                                                                                                                                                                            • LoadIconW.USER32(00000000,00000064), ref: 0046F1D1
                                                                                                                                                                                                                            • DialogBoxParamW.USER32(00000000,STARTDLG,00000000,Function_0001C9D0,00000000), ref: 0046F222
                                                                                                                                                                                                                            • Sleep.KERNEL32(?), ref: 0046F250
                                                                                                                                                                                                                            • DeleteObject.GDI32 ref: 0046F289
                                                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 0046F299
                                                                                                                                                                                                                            • CloseHandle.KERNEL32 ref: 0046F2DC
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: EnvironmentFileHandleVariable$Module$AddressCloseDeleteObjectProcView$CommandCurrentDialogDirectoryGdiplusIconInitializeLineLoadLocalMallocMappingNameOpenParamSleepStartupTimeUnmap_swprintf_wcslen
                                                                                                                                                                                                                            • String ID: %4d-%02d-%02d-%02d-%02d-%02d-%03d$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe$STARTDLG$p0I$sfxname$sfxstime$winrarsfxmappingfile.tmp
                                                                                                                                                                                                                            • API String ID: 3014515783-2435737932
                                                                                                                                                                                                                            • Opcode ID: 0f3bb4346b4ce2a890dae3b39e0e5bb05ab0b8cc649d21b0a9e6a70a81ad473b
                                                                                                                                                                                                                            • Instruction ID: 8391af88d99b381ac4a76005e1b8e4ac7610d8d8607a974bcbd85c0e55cf47a7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f3bb4346b4ce2a890dae3b39e0e5bb05ab0b8cc649d21b0a9e6a70a81ad473b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7461BA71500301ABD310BB65EC49B6B7BACEB45749F04053FF585922A2EB6C9D44CB6F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046B6D2 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 100memorywindowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 823 46b6d2-46b6ef FindResourceW 824 46b6f5-46b706 SizeofResource 823->824 825 46b7eb 823->825 824->825 827 46b70c-46b71b LoadResource 824->827 826 46b7ed-46b7f1 825->826 827->825 828 46b721-46b72c LockResource 827->828 828->825 829 46b732-46b747 GlobalAlloc 828->829 830 46b7e3-46b7e9 829->830 831 46b74d-46b756 GlobalLock 829->831 830->826 832 46b7dc-46b7dd GlobalFree 831->832 833 46b75c-46b77a call 472dc0 831->833 832->830 837 46b7d5-46b7d6 GlobalUnlock 833->837 838 46b77c-46b79e call 46b636 833->838 837->832 838->837 843 46b7a0-46b7a8 838->843 844 46b7c3-46b7d1 843->844 845 46b7aa-46b7be GdipCreateHBITMAPFromBitmap 843->845 844->837 845->844 846 46b7c0 845->846 846->844
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FindResourceW.KERNEL32(?,PNG,00000000,?,?,?,0046C92D,00000066), ref: 0046B6E5
                                                                                                                                                                                                                            • SizeofResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B6FC
                                                                                                                                                                                                                            • LoadResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B713
                                                                                                                                                                                                                            • LockResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B722
                                                                                                                                                                                                                            • GlobalAlloc.KERNELBASE(00000002,00000000,?,?,?,?,?,0046C92D,00000066), ref: 0046B73D
                                                                                                                                                                                                                            • GlobalLock.KERNEL32(00000000,?,?,?,?,?,0046C92D,00000066), ref: 0046B74E
                                                                                                                                                                                                                            • GlobalUnlock.KERNEL32(00000000), ref: 0046B7D6
                                                                                                                                                                                                                              • Part of subcall function 0046B636: GdipAlloc.GDIPLUS(00000010), ref: 0046B63C
                                                                                                                                                                                                                            • GdipCreateHBITMAPFromBitmap.GDIPLUS(?,?,00FFFFFF), ref: 0046B7B7
                                                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 0046B7DD
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: GlobalResource$AllocGdipLock$BitmapCreateFindFreeFromLoadSizeofUnlock
                                                                                                                                                                                                                            • String ID: PNG
                                                                                                                                                                                                                            • API String ID: 541704414-364855578
                                                                                                                                                                                                                            • Opcode ID: d7b51a0ae2902396c7b6fdf498bc4e10de8c7940437117f8dfa81ae509f73df4
                                                                                                                                                                                                                            • Instruction ID: c8bc002058998c0ca374bccd02cd663f460c698d95a02ebfa357158cb395352a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7b51a0ae2902396c7b6fdf498bc4e10de8c7940437117f8dfa81ae509f73df4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 77318F71200312AFC7119F21EC8CD1BBFA8EFC4756B01092EF905D2220EB35DC818BAA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045BA94 Relevance: 7.6, APIs: 5, Instructions: 105fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1023 45ba94-45bab8 call 46ffd0 1026 45bb20-45bb29 FindNextFileW 1023->1026 1027 45baba-45bac7 FindFirstFileW 1023->1027 1029 45bb3b-45bbf8 call 46192f call 45d71d call 462924 * 3 1026->1029 1030 45bb2b-45bb39 GetLastError 1026->1030 1028 45bac9-45badb call 45cf32 1027->1028 1027->1029 1038 45baf7-45bb00 GetLastError 1028->1038 1039 45badd-45baf5 FindFirstFileW 1028->1039 1035 45bbfd-45bc0a 1029->1035 1032 45bb12-45bb1b 1030->1032 1032->1035 1041 45bb10 1038->1041 1042 45bb02-45bb05 1038->1042 1039->1029 1039->1038 1041->1032 1042->1041 1044 45bb07-45bb0a 1042->1044 1044->1041 1046 45bb0c-45bb0e 1044->1046 1046->1032
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FindFirstFileW.KERNELBASE(?,?,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BABD
                                                                                                                                                                                                                              • Part of subcall function 0045CF32: _wcslen.LIBCMT ref: 0045CF56
                                                                                                                                                                                                                            • FindFirstFileW.KERNEL32(?,?,?,?,00000800,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BAEB
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00000800,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BAF7
                                                                                                                                                                                                                            • FindNextFileW.KERNEL32(?,?,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BB21
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BB2D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileFind$ErrorFirstLast$Next_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 42610566-0
                                                                                                                                                                                                                            • Opcode ID: 7dc5cb02cb10ecfe95758159f61145a45ab6ed67bfbe3dee4a00dba5c9a81d06
                                                                                                                                                                                                                            • Instruction ID: c56826f15e4bd34656855c4b63f5f061065055adecb44b4e3b6080a99c2762a8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7dc5cb02cb10ecfe95758159f61145a45ab6ed67bfbe3dee4a00dba5c9a81d06
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE418272600519ABCB25DF64CC84AEEB3B8FB48351F1005AAE95DE3305D7786E88CF94
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004592C6 Relevance: 4.7, APIs: 1, Strings: 1, Instructions: 1157COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 004592CB
                                                                                                                                                                                                                              • Part of subcall function 0045D656: _wcsrchr.LIBVCRUNTIME ref: 0045D660
                                                                                                                                                                                                                              • Part of subcall function 0045CAA0: _wcslen.LIBCMT ref: 0045CAA6
                                                                                                                                                                                                                              • Part of subcall function 00461907: _wcslen.LIBCMT ref: 0046190D
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: _wcslen.LIBCMT ref: 0045B5E2
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: __aulldiv.LIBCMT ref: 0045B60E
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: GetCurrentProcessId.KERNEL32(00000000,?,000186A0,00000000,?,?,00000800,?), ref: 0045B615
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: _swprintf.LIBCMT ref: 0045B640
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: _wcslen.LIBCMT ref: 0045B64A
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: _swprintf.LIBCMT ref: 0045B6A0
                                                                                                                                                                                                                              • Part of subcall function 0045B5D6: _wcslen.LIBCMT ref: 0045B6AA
                                                                                                                                                                                                                              • Part of subcall function 00454727: __EH_prolog.LIBCMT ref: 0045472C
                                                                                                                                                                                                                              • Part of subcall function 0045A212: __EH_prolog.LIBCMT ref: 0045A217
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B8FA
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B92B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • __tmp_reference_source_, xrefs: 00459596
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$H_prolog$AttributesFile_swprintf$CurrentProcess__aulldiv_wcsrchr
                                                                                                                                                                                                                            • String ID: __tmp_reference_source_
                                                                                                                                                                                                                            • API String ID: 70197177-685763994
                                                                                                                                                                                                                            • Opcode ID: c82f359f49bc589b3c5a6be44d51d7c07499abd25fec6dee30d8431f9e11add0
                                                                                                                                                                                                                            • Instruction ID: 30cfa79b23f39187a3b05e67a1bcc0351d5a7296e48a61047f061ba901ce9918
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c82f359f49bc589b3c5a6be44d51d7c07499abd25fec6dee30d8431f9e11add0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04A2E471904245EEDF19DF64C885BEA7BA4BF05305F0801ABEC499B283DB385D4DCBA9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004791B0 Relevance: 4.5, APIs: 3, Instructions: 20COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(?,?,00479186,?,0048D570,0000000C,004792DD,?,00000002,00000000), ref: 004791D1
                                                                                                                                                                                                                            • TerminateProcess.KERNEL32(00000000,?,00479186,?,0048D570,0000000C,004792DD,?,00000002,00000000), ref: 004791D8
                                                                                                                                                                                                                            • ExitProcess.KERNEL32 ref: 004791EA
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1703294689-0
                                                                                                                                                                                                                            • Opcode ID: 3e9ecaeb08507a49d4fc5659e46535f661924cf521573a5f4285592eec5450a8
                                                                                                                                                                                                                            • Instruction ID: c3b2e673d09fdd7ef15f162af6e1df2d0258186823402f92c6b8c7068017dde3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3e9ecaeb08507a49d4fc5659e46535f661924cf521573a5f4285592eec5450a8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3EE04F31000109ABCF156F50CD0CA893F2AEB80345F418429F90C46222CB39DD92CB88
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00467DDC Relevance: .3, Instructions: 343COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: c07441158fe98b3b435fee0f271ad668d6b291f48a2eeb33ea8cb12c9615efb2
                                                                                                                                                                                                                            • Instruction ID: 7b7eba3af0029376303a2179d5c89152dc4c8a7134fc1ce90f71e1c0bb015f0d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c07441158fe98b3b435fee0f271ad668d6b291f48a2eeb33ea8cb12c9615efb2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 30D162716083418FDB14CF29C94479BBBE1BF85308F04466EE8899B342E778D949CB5B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C9D0 Relevance: 104.0, APIs: 48, Strings: 11, Instructions: 734windowfilesleepCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0046C9D5
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0046CAC1
                                                                                                                                                                                                                            • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046CADF
                                                                                                                                                                                                                            • IsDialogMessageW.USER32(?,?), ref: 0046CAF2
                                                                                                                                                                                                                            • TranslateMessage.USER32(?), ref: 0046CB00
                                                                                                                                                                                                                            • DispatchMessageW.USER32(?), ref: 0046CB0A
                                                                                                                                                                                                                            • GetDlgItemTextW.USER32(?,00000066,?,00000800), ref: 0046CB2D
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046CB50
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000068), ref: 0046CB73
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000B1,00000000,000000FF), ref: 0046CB8E
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000C2,00000000,004845F4), ref: 0046CBA1
                                                                                                                                                                                                                              • Part of subcall function 0046E598: _wcslen.LIBCMT ref: 0046E5C2
                                                                                                                                                                                                                            • SetFocus.USER32(00000000), ref: 0046CBA8
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046CC07
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00000000,00000000,00000000,?), ref: 0046CC6A
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00000000,00000000,00000000,?), ref: 0046CC92
                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 0046CCB0
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046CCC8
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00000011), ref: 0046CCFA
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,?,00000800,?,?,?,00000000,00000000,00000000,?), ref: 0046CD4D
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046CD84
                                                                                                                                                                                                                            • CreateFileMappingW.KERNEL32(000000FF,00000000,08000004,00000000,00007402,winrarsfxmappingfile.tmp), ref: 0046CDD8
                                                                                                                                                                                                                            • GetCommandLineW.KERNEL32 ref: 0046CDEE
                                                                                                                                                                                                                            • MapViewOfFile.KERNEL32(00000000,00000002,00000000,00000000,00000000,004A1482,00000400,00000001,00000001), ref: 0046CE45
                                                                                                                                                                                                                            • ShellExecuteExW.SHELL32(0000003C), ref: 0046CE6D
                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0046CEB5
                                                                                                                                                                                                                            • UnmapViewOfFile.KERNEL32(?,?,0000421C,004A1482,00000400), ref: 0046CEDE
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000), ref: 0046CEE7
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046CF1A
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0046CF79
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000065,004845F4), ref: 0046CF90
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000065), ref: 0046CF99
                                                                                                                                                                                                                            • GetWindowLongW.USER32(00000000,000000F0), ref: 0046CFA8
                                                                                                                                                                                                                            • SetWindowLongW.USER32(00000000,000000F0,00000000), ref: 0046CFB7
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0046D064
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046D0BA
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046D0E4
                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000080,00000001,0003046F), ref: 0046D12E
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(?,0000006C,00000172,00000000,?), ref: 0046D148
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000068), ref: 0046D151
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000435,00000000,00400000), ref: 0046D167
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000066), ref: 0046D181
                                                                                                                                                                                                                            • SetWindowTextW.USER32(00000000,004A389A), ref: 0046D1A3
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,0000006B,00000000), ref: 0046D203
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0046D216
                                                                                                                                                                                                                            • DialogBoxParamW.USER32(LICENSEDLG,00000000,Function_0001C7B0,00000000,?), ref: 0046D2B9
                                                                                                                                                                                                                            • EnableWindow.USER32(00000000,00000000), ref: 0046D393
                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000111,00000001,00000000), ref: 0046D3D5
                                                                                                                                                                                                                              • Part of subcall function 0046D884: __EH_prolog.LIBCMT ref: 0046D889
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000001,00000000), ref: 0046D3F9
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Item$MessageText$Send$Window_swprintf$File$DialogErrorLast$H_prologLongView_wcslen$CloseCommandCountCreateDispatchEnableExecuteFocusHandleLineMappingModuleNameParamShellSleepTickTranslateUnmap__vswprintf_c_l
                                                                                                                                                                                                                            • String ID: %s$"%s"%s$-el -s2 "-d%s" "-sp%s"$<$@$C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe$LICENSEDLG$STARTDLG$__tmp_rar_sfx_access_check_%u$lbH$winrarsfxmappingfile.tmp
                                                                                                                                                                                                                            • API String ID: 2749746782-295523172
                                                                                                                                                                                                                            • Opcode ID: 6a75180b2c64cbee732e08be69c3ceaa159451cafe5c65f6217158bb347c5b61
                                                                                                                                                                                                                            • Instruction ID: bfbee911251335d2cd80d25c1d22adec49f3a96f3f347e2ce2b56762a8c6b40c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6a75180b2c64cbee732e08be69c3ceaa159451cafe5c65f6217158bb347c5b61
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B342D571E40244BBEB21AB649C4AFBE7A7C9B11709F04017BF540A61E2E7BC4945CB6F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00461B83 Relevance: 100.1, APIs: 23, Strings: 34, Instructions: 316libraryfileloaderCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 273 461b83-461ba6 call 46ffd0 GetModuleHandleW 276 461c07-461e68 273->276 277 461ba8-461bbf GetProcAddress 273->277 278 461f34-461f60 GetModuleFileNameW call 45d6a7 call 46192f 276->278 279 461e6e-461e79 call 4789ee 276->279 280 461bc1-461bd7 277->280 281 461bd9-461be9 GetProcAddress 277->281 296 461f62-461f6e call 45c619 278->296 279->278 291 461e7f-461ead GetModuleFileNameW CreateFileW 279->291 280->281 282 461c05 281->282 283 461beb-461c00 281->283 282->276 283->282 293 461eaf-461ebb SetFilePointer 291->293 294 461f28-461f2f CloseHandle 291->294 293->294 297 461ebd-461ed9 ReadFile 293->297 294->278 303 461f70-461f7b call 461b3b 296->303 304 461f9d-461fc4 call 45d71d GetFileAttributesW 296->304 297->294 299 461edb-461f00 297->299 301 461f1d-461f26 call 46169e 299->301 301->294 310 461f02-461f1c call 461b3b 301->310 303->304 312 461f7d-461f9b CompareStringW 303->312 313 461fc6-461fca 304->313 314 461fce 304->314 310->301 312->304 312->313 313->296 316 461fcc 313->316 317 461fd0-461fd5 314->317 316->317 318 461fd7 317->318 319 46200c-46200e 317->319 322 461fd9-462000 call 45d71d GetFileAttributesW 318->322 320 462014-46202b call 45d6f1 call 45c619 319->320 321 46211b-462125 319->321 332 462093-4620c6 call 454a20 AllocConsole 320->332 333 46202d-46208e call 461b3b * 2 call 45f937 call 454a20 call 45f937 call 46b7f4 320->333 328 462002-462006 322->328 329 46200a 322->329 328->322 331 462008 328->331 329->319 331->319 338 462113-462115 ExitProcess 332->338 339 4620c8-46210d GetCurrentProcessId AttachConsole call 474fa3 GetStdHandle WriteConsoleW Sleep FreeConsole 332->339 333->338 339->338
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(kernel32), ref: 00461B9C
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,SetDllDirectoryW), ref: 00461BAE
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,SetDefaultDllDirectories), ref: 00461BDF
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00461E89
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00461EA3
                                                                                                                                                                                                                            • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000), ref: 00461EB3
                                                                                                                                                                                                                            • ReadFile.KERNEL32(00000000,?,00007FFE,$MH,00000000), ref: 00461ED1
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000), ref: 00461F29
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00461F3E
                                                                                                                                                                                                                            • CompareStringW.KERNEL32(00000400,00001001,?,?,DXGIDebug.dll,?,$MH,?,00000000,?,00000800), ref: 00461F92
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,$MH,00000800,?,00000000,?,00000800), ref: 00461FBC
                                                                                                                                                                                                                            • GetFileAttributesW.KERNEL32(?,?,MH,00000800), ref: 00461FF8
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00461B56
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0046063A,Crypt32.dll,00000000,004606B4,00000200,?,00460697,00000000,00000000,?), ref: 00461B78
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046206A
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 004620B6
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • AllocConsole.KERNEL32 ref: 004620BE
                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32 ref: 004620C8
                                                                                                                                                                                                                            • AttachConsole.KERNEL32(00000000), ref: 004620CF
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 004620E4
                                                                                                                                                                                                                            • GetStdHandle.KERNEL32(000000F4,?,00000000,?,00000000), ref: 004620F5
                                                                                                                                                                                                                            • WriteConsoleW.KERNEL32(00000000), ref: 004620FC
                                                                                                                                                                                                                            • Sleep.KERNEL32(00002710), ref: 00462107
                                                                                                                                                                                                                            • FreeConsole.KERNEL32 ref: 0046210D
                                                                                                                                                                                                                            • ExitProcess.KERNEL32 ref: 00462115
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Console$HandleModule$AddressAttributesNameProcProcess_swprintf$AllocAttachCloseCompareCreateCurrentDirectoryExitFreeLibraryLoadPointerReadSleepStringSystemWrite__vswprintf_c_l_wcslen
                                                                                                                                                                                                                            • String ID: $MH$$PH$$QH$(NH$(RH$,OH$4QH$<MH$<PH$@NH$DOH$DRH$DXGIDebug.dll$LQH$Please remove %s from %s folder. It is unsecure to run %s until it is done.$SetDefaultDllDirectories$SetDllDirectoryW$XMH$XNH$\OH$\RH$`PH$dQH$dwmapi.dll$kernel32$pMH$pNH$tOH$uxtheme.dll$xPH$xQH$xRH$MH$NH
                                                                                                                                                                                                                            • API String ID: 1207345701-3555544229
                                                                                                                                                                                                                            • Opcode ID: fbd74387afa129123d609b9e4a32e78118352b8fbf88d3f37c29fa0345b5551c
                                                                                                                                                                                                                            • Instruction ID: 8d32609db1d16982bcc1fee8ce426865ae1ccb15f2fb63357278c8f3dbff6620
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fbd74387afa129123d609b9e4a32e78118352b8fbf88d3f37c29fa0345b5551c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D5D184B14087859BD331AF50D848B9F7AE8BBC5708F508D1FF68596250DBB88548CB6F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046D884 Relevance: 47.7, APIs: 23, Strings: 4, Instructions: 428windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 352 46d884-46d89c call 46fefc call 46ffd0 357 46e552-46e55d 352->357 358 46d8a2-46d8cc call 46c504 352->358 358->357 361 46d8d2-46d8d7 358->361 362 46d8d8-46d8e6 361->362 363 46d8e7-46d8fc call 46c11c 362->363 366 46d8fe 363->366 367 46d900-46d915 call 463316 366->367 370 46d917-46d91b 367->370 371 46d922-46d925 367->371 370->367 372 46d91d 370->372 373 46e51e-46e549 call 46c504 371->373 374 46d92b 371->374 372->373 373->362 386 46e54f-46e551 373->386 376 46dba4-46dba6 374->376 377 46d932-46d935 374->377 378 46db03-46db05 374->378 379 46dbc1-46dbc3 374->379 376->373 380 46dbac-46dbbc SetWindowTextW 376->380 377->373 384 46d93b-46d995 call 46b65d call 45d200 call 45b93d call 45ba77 call 4579e5 377->384 378->373 383 46db0b-46db17 378->383 379->373 381 46dbc9-46dbd0 379->381 380->373 381->373 385 46dbd6-46dbef 381->385 387 46db2b-46db30 383->387 388 46db19-46db2a call 478a79 383->388 440 46dad4-46dae9 call 45b9ca 384->440 390 46dbf7-46dc05 call 474fa3 385->390 391 46dbf1 385->391 386->357 394 46db32-46db38 387->394 395 46db3a-46db45 call 46c67e 387->395 388->387 390->373 408 46dc0b-46dc14 390->408 391->390 399 46db4a-46db4c 394->399 395->399 402 46db57-46db77 call 474fa3 call 47521e 399->402 403 46db4e-46db55 call 474fa3 399->403 428 46db90-46db92 402->428 429 46db79-46db80 402->429 403->402 412 46dc16-46dc1a 408->412 413 46dc3d-46dc40 408->413 416 46dc46-46dc49 412->416 419 46dc1c-46dc24 412->419 413->416 417 46dd25-46dd33 call 46192f 413->417 421 46dc56-46dc71 416->421 422 46dc4b-46dc50 416->422 432 46dd35-46dd49 call 4736be 417->432 419->373 425 46dc2a-46dc38 call 46192f 419->425 441 46dc73-46dcad 421->441 442 46dcbb-46dcc2 421->442 422->417 422->421 425->432 428->373 431 46db98-46db99 call 475219 428->431 436 46db87-46db8f call 478a79 429->436 437 46db82-46db84 429->437 446 46db9e-46db9f 431->446 451 46dd56-46ddb0 call 46192f call 46c3ae GetDlgItem SetWindowTextW SendMessageW call 477306 432->451 452 46dd4b-46dd4f 432->452 436->428 437->436 458 46daef-46dafe call 45b953 440->458 459 46d99a-46d9ae SetFileAttributesW 440->459 475 46dcb1-46dcb3 441->475 476 46dcaf 441->476 444 46dcc4-46dcdc call 474fa3 442->444 445 46dcf0-46dd13 call 474fa3 * 2 442->445 444->445 462 46dcde-46dceb call 461907 444->462 445->432 480 46dd15-46dd23 call 461907 445->480 446->373 451->373 490 46ddb6-46ddca SendMessageW 451->490 452->451 457 46dd51-46dd53 452->457 457->451 458->373 464 46da54-46da64 GetFileAttributesW 459->464 465 46d9b4-46d9e7 call 45cdc0 call 45caa0 call 474fa3 459->465 462->445 464->440 473 46da66-46da75 DeleteFileW 464->473 496 46d9fa-46da08 call 45d1c1 465->496 497 46d9e9-46d9f8 call 474fa3 465->497 473->440 479 46da77-46da7a 473->479 475->442 476->475 483 46da7e-46daaa call 454a20 GetFileAttributesW 479->483 480->432 493 46da7c-46da7d 483->493 494 46daac-46dac2 MoveFileW 483->494 490->373 493->483 494->440 495 46dac4-46dace MoveFileExW 494->495 495->440 496->458 502 46da0e-46da4d call 474fa3 call 4711b0 496->502 497->496 497->502 502->464
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0046D889
                                                                                                                                                                                                                              • Part of subcall function 0046C504: ExpandEnvironmentStringsW.KERNEL32(00000000,?,00001000), ref: 0046C5EB
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046DB4F
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046DB58
                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,?), ref: 0046DBB6
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046DBF8
                                                                                                                                                                                                                            • _wcsrchr.LIBVCRUNTIME ref: 0046DD40
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000066), ref: 0046DD7B
                                                                                                                                                                                                                            • SetWindowTextW.USER32(00000000,?), ref: 0046DD8B
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000143,00000000,004A389A), ref: 0046DD99
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000143,00000000,?), ref: 0046DDC4
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$MessageSendTextWindow$EnvironmentExpandH_prologItemStrings_wcsrchr
                                                                                                                                                                                                                            • String ID: %s.%d.tmp$<br>$ProgramFilesDir$Software\Microsoft\Windows\CurrentVersion
                                                                                                                                                                                                                            • API String ID: 2804936435-312220925
                                                                                                                                                                                                                            • Opcode ID: 0d3d6fa1a2055496c286d99cb02dbdfb91d515b27032d04b2c0a0a0ac83bf4f9
                                                                                                                                                                                                                            • Instruction ID: 5e2e19110bcf616ce36b344f5f5e8b7b8091fb59c1577f3a55bb408f289a038a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0d3d6fa1a2055496c286d99cb02dbdfb91d515b27032d04b2c0a0a0ac83bf4f9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8AE153B2D00118ABDB24ABA5DC85EEF73BC9B05314F5440ABF609E3154FF789E448B69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045ED87 Relevance: 23.4, APIs: 4, Strings: 9, Instructions: 663COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0045ED90
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 0045EDCC
                                                                                                                                                                                                                              • Part of subcall function 0045D6A7: _wcslen.LIBCMT ref: 0045D6AF
                                                                                                                                                                                                                              • Part of subcall function 00461907: _wcslen.LIBCMT ref: 0046190D
                                                                                                                                                                                                                              • Part of subcall function 00462ED2: MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,?,?,?,?,0045CF18,00000000,?,?), ref: 00462EEE
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045F109
                                                                                                                                                                                                                            • __fprintf_l.LIBCMT ref: 0045F23C
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$ByteCharFileH_prologModuleMultiNameWide__fprintf_l
                                                                                                                                                                                                                            • String ID: $ ,$$%s:$*messages***$*messages***$@%s:$R$RTL$a
                                                                                                                                                                                                                            • API String ID: 566448164-801612888
                                                                                                                                                                                                                            • Opcode ID: 271c1405429be5448ec45301e963ffdf387c92be09660e29ab2714403be48299
                                                                                                                                                                                                                            • Instruction ID: e2bd1b4e65d24d8fe998d26e5142659d3b4bbf2d3f08191c4d86ade5444b85ec
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 271c1405429be5448ec45301e963ffdf387c92be09660e29ab2714403be48299
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B32EF71900218EBDB28EF68C841AEE37A4FF14705F40456BFD0597282EB799D8DCB5A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046E619 Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 97windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0046C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0046C769
                                                                                                                                                                                                                              • Part of subcall function 0046C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046C77A
                                                                                                                                                                                                                              • Part of subcall function 0046C758: IsDialogMessageW.USER32(0001047A,?), ref: 0046C78E
                                                                                                                                                                                                                              • Part of subcall function 0046C758: TranslateMessage.USER32(?), ref: 0046C79C
                                                                                                                                                                                                                              • Part of subcall function 0046C758: DispatchMessageW.USER32(?), ref: 0046C7A6
                                                                                                                                                                                                                            • GetDlgItem.USER32(00000068,004B1CF0), ref: 0046E62D
                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000005,?,?,00000001,?,?,0046C9A9,004860F0,004B1CF0,004B1CF0,00001000,004930C4,00000000,?), ref: 0046E655
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000B1,00000000,000000FF), ref: 0046E660
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000C2,00000000,004845F4), ref: 0046E66E
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000B1,05F5E100,05F5E100), ref: 0046E684
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,0000043A,00000000,?), ref: 0046E69E
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000444,00000001,0000005C), ref: 0046E6E2
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000C2,00000000,?), ref: 0046E6F0
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000B1,05F5E100,05F5E100), ref: 0046E6FF
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000444,00000001,0000005C), ref: 0046E726
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000C2,00000000,0048549C), ref: 0046E735
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Message$Send$DialogDispatchItemPeekShowTranslateWindow
                                                                                                                                                                                                                            • String ID: \
                                                                                                                                                                                                                            • API String ID: 3569833718-2967466578
                                                                                                                                                                                                                            • Opcode ID: 6db16a1981d6c9ae1b835cc72263668424bab2269f32f8bf52eae563c8c96438
                                                                                                                                                                                                                            • Instruction ID: 0cdf492f8ab6e703a84553609497841c217175ed83ac468442fcbd5eacd4d378
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6db16a1981d6c9ae1b835cc72263668424bab2269f32f8bf52eae563c8c96438
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06312371544B40BFD302EF24DC0AFAB7FACFB92304F400A2AF6A196191D76449148BAF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046E8DF Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 184COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 848 46e8df-46e8f7 call 46ffd0 851 46e8fd-46e909 call 474fa3 848->851 852 46eb38-46eb40 848->852 851->852 855 46e90f-46e937 call 4711b0 851->855 858 46e941-46e94f 855->858 859 46e939 855->859 860 46e962-46e968 858->860 861 46e951-46e954 858->861 859->858 863 46e9ab-46e9ae 860->863 862 46e958-46e95e 861->862 865 46e987-46e994 862->865 866 46e960 862->866 863->862 864 46e9b0-46e9b6 863->864 869 46e9bd-46e9bf 864->869 870 46e9b8-46e9bb 864->870 867 46eb10-46eb12 865->867 868 46e99a-46e99e 865->868 871 46e972-46e97c 866->871 872 46eb16 867->872 868->872 873 46e9a4-46e9a9 868->873 874 46e9d2-46e9e8 call 45cd5c 869->874 875 46e9c1-46e9c8 869->875 870->869 870->874 876 46e97e 871->876 877 46e96a-46e970 871->877 881 46eb1f 872->881 873->863 884 46ea01-46ea0c call 45b4c1 874->884 885 46e9ea-46e9f7 call 463316 874->885 875->874 878 46e9ca 875->878 876->865 877->871 880 46e980-46e983 877->880 878->874 880->865 883 46eb26-46eb28 881->883 887 46eb37 883->887 888 46eb2a-46eb2c 883->888 893 46ea0e-46ea25 call 45cad4 884->893 894 46ea29-46ea36 ShellExecuteExW 884->894 885->884 895 46e9f9 885->895 887->852 888->887 891 46eb2e-46eb31 ShowWindow 888->891 891->887 893->894 894->887 897 46ea3c-46ea49 894->897 895->884 899 46ea5c-46ea5e 897->899 900 46ea4b-46ea52 897->900 902 46ea75-46ea94 call 46ed8b 899->902 903 46ea60-46ea69 899->903 900->899 901 46ea54-46ea5a 900->901 901->899 904 46eacb-46ead7 CloseHandle 901->904 902->904 917 46ea96-46ea9e 902->917 903->902 912 46ea6b-46ea73 ShowWindow 903->912 906 46eae8-46eaf6 904->906 907 46ead9-46eae6 call 463316 904->907 906->883 911 46eaf8-46eafa 906->911 907->881 907->906 911->883 915 46eafc-46eb02 911->915 912->902 915->883 916 46eb04-46eb0e 915->916 916->883 917->904 918 46eaa0-46eab1 GetExitCodeProcess 917->918 918->904 919 46eab3-46eabd 918->919 920 46eac4 919->920 921 46eabf 919->921 920->904 921->920
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046E8FE
                                                                                                                                                                                                                            • ShellExecuteExW.SHELL32(?), ref: 0046EA2E
                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000000), ref: 0046EA6D
                                                                                                                                                                                                                            • GetExitCodeProcess.KERNEL32(?,?), ref: 0046EAA9
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 0046EACF
                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000001), ref: 0046EB31
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ShowWindow$CloseCodeExecuteExitHandleProcessShell_wcslen
                                                                                                                                                                                                                            • String ID: .exe$.inf$LdH
                                                                                                                                                                                                                            • API String ID: 36480843-2738293675
                                                                                                                                                                                                                            • Opcode ID: 6de8a992d1358a578216d9b07ac34c56f19a91e2148e2c4f7d27f48cad2b66d6
                                                                                                                                                                                                                            • Instruction ID: 71559b1242b61989fbb0132479f1e5fa621966b7ad561ba978f253e9bab9ef70
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6de8a992d1358a578216d9b07ac34c56f19a91e2148e2c4f7d27f48cad2b66d6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F751F4781043809ADB30DB669844ABB7BE4AF81B44F04082FF8C1972A1F7799849DB5F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047BB1B Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 216COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 922 47bb1b-47bb34 923 47bb36-47bb46 call 48010c 922->923 924 47bb4a-47bb4f 922->924 923->924 934 47bb48 923->934 926 47bb51-47bb59 924->926 927 47bb5c-47bb80 MultiByteToWideChar 924->927 926->927 928 47bb86-47bb92 927->928 929 47bd13-47bd26 call 470d7c 927->929 931 47bbe6 928->931 932 47bb94-47bba5 928->932 938 47bbe8-47bbea 931->938 935 47bba7-47bbb6 call 4831d0 932->935 936 47bbc4-47bbd5 call 47a7fe 932->936 934->924 942 47bd08 935->942 948 47bbbc-47bbc2 935->948 936->942 949 47bbdb 936->949 941 47bbf0-47bc03 MultiByteToWideChar 938->941 938->942 941->942 945 47bc09-47bc1b call 47c12c 941->945 946 47bd0a-47bd11 call 47bd83 942->946 951 47bc20-47bc24 945->951 946->929 953 47bbe1-47bbe4 948->953 949->953 951->942 954 47bc2a-47bc31 951->954 953->938 955 47bc33-47bc38 954->955 956 47bc6b-47bc77 954->956 955->946 957 47bc3e-47bc40 955->957 958 47bcc3 956->958 959 47bc79-47bc8a 956->959 957->942 960 47bc46-47bc60 call 47c12c 957->960 961 47bcc5-47bcc7 958->961 962 47bca5-47bcb6 call 47a7fe 959->962 963 47bc8c-47bc9b call 4831d0 959->963 960->946 975 47bc66 960->975 965 47bd01-47bd07 call 47bd83 961->965 966 47bcc9-47bce2 call 47c12c 961->966 962->965 974 47bcb8 962->974 963->965 978 47bc9d-47bca3 963->978 965->942 966->965 980 47bce4-47bceb 966->980 979 47bcbe-47bcc1 974->979 975->942 978->979 979->961 981 47bd27-47bd2d 980->981 982 47bced-47bcee 980->982 983 47bcef-47bcff WideCharToMultiByte 981->983 982->983 983->965 984 47bd2f-47bd36 call 47bd83 983->984 984->946
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,kG,00476B09,?,?,?,0047BD6C,00000001,00000001,62E85006), ref: 0047BB75
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,0047BD6C,00000001,00000001,62E85006,?,?,?), ref: 0047BBFB
                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,62E85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 0047BCF5
                                                                                                                                                                                                                            • __freea.LIBCMT ref: 0047BD02
                                                                                                                                                                                                                              • Part of subcall function 0047A7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,00475594,?,0000015D,?,?,?,?,00476A70,000000FF,00000000,?,?), ref: 0047A830
                                                                                                                                                                                                                            • __freea.LIBCMT ref: 0047BD0B
                                                                                                                                                                                                                            • __freea.LIBCMT ref: 0047BD30
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharMultiWide__freea$AllocateHeap
                                                                                                                                                                                                                            • String ID: kG
                                                                                                                                                                                                                            • API String ID: 1414292761-2652996802
                                                                                                                                                                                                                            • Opcode ID: ad20169dec9241bfae557ca465554f413b3951ead8262fea8edf2de472191c55
                                                                                                                                                                                                                            • Instruction ID: 9ac5b92cbaaf5abf6488857f35169bad1da6f660c4ad7df63626bc708d74987f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ad20169dec9241bfae557ca465554f413b3951ead8262fea8edf2de472191c55
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8851C172600616AEEB258F64DC85FEF77A9EF44714F15862EFC08D6240DB38EC408698
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046BD1B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34comCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00461B56
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0046063A,Crypt32.dll,00000000,004606B4,00000200,?,00460697,00000000,00000000,?), ref: 00461B78
                                                                                                                                                                                                                            • OleInitialize.OLE32(00000000), ref: 0046BD34
                                                                                                                                                                                                                            • GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0046BD6B
                                                                                                                                                                                                                            • SHGetMalloc.SHELL32(0049A460), ref: 0046BD75
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: DirectoryGdiplusInitializeLibraryLoadMallocStartupSystem
                                                                                                                                                                                                                            • String ID: riched20.dll$3To
                                                                                                                                                                                                                            • API String ID: 3498096277-2168385784
                                                                                                                                                                                                                            • Opcode ID: 0eac2822a8223b5fcb136935c0d7c2687d113b9552feba3f5a7e18e1f68b0a2d
                                                                                                                                                                                                                            • Instruction ID: 092cba1d12ce883ed7aff406fd9f7b0cc63517f8868daaf3fbd39de419f432ef
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0eac2822a8223b5fcb136935c0d7c2687d113b9552feba3f5a7e18e1f68b0a2d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5BF049B1C00209ABCB10AF9AD849AEFFFFCEF80704F00412BE401E2210D7B856458BA5
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045AB40 Relevance: 7.6, APIs: 5, Instructions: 111filetimeCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 991 45ab40-45ab61 call 46ffd0 994 45ab63-45ab66 991->994 995 45ab6c 991->995 994->995 997 45ab68-45ab6a 994->997 996 45ab6e-45ab7f 995->996 998 45ab87-45ab91 996->998 999 45ab81 996->999 997->996 1000 45ab96-45aba3 call 4579e5 998->1000 1001 45ab93 998->1001 999->998 1004 45aba5 1000->1004 1005 45abab-45abca CreateFileW 1000->1005 1001->1000 1004->1005 1006 45abcc-45abee GetLastError call 45cf32 1005->1006 1007 45ac1b-45ac1f 1005->1007 1011 45ac28-45ac2d 1006->1011 1016 45abf0-45ac13 CreateFileW GetLastError 1006->1016 1008 45ac23-45ac26 1007->1008 1010 45ac39-45ac3e 1008->1010 1008->1011 1014 45ac40-45ac43 1010->1014 1015 45ac5f-45ac70 1010->1015 1011->1010 1013 45ac2f 1011->1013 1013->1010 1014->1015 1017 45ac45-45ac59 SetFileTime 1014->1017 1018 45ac72-45ac8a call 46192f 1015->1018 1019 45ac8e-45ac99 1015->1019 1016->1008 1020 45ac15-45ac19 1016->1020 1017->1015 1018->1019 1020->1008
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • CreateFileW.KERNELBASE(?,?,?,00000000,00000003,08000000,00000000,?,00000000,?,?,00458243,?,00000005,?,00000011), ref: 0045ABBF
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00458243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0045ABCC
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(00000000,?,?,00000000,00000003,08000000,00000000,?,?,00000800,?,?,00458243,?,00000005,?), ref: 0045AC02
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00458243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0045AC0A
                                                                                                                                                                                                                            • SetFileTime.KERNEL32(00000000,00000000,000000FF,00000000,?,00458243,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 0045AC59
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$CreateErrorLast$Time
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1999340476-0
                                                                                                                                                                                                                            • Opcode ID: f97faac064405f793fdaabc9871438766ffc3148f0511d322673df46de056f7f
                                                                                                                                                                                                                            • Instruction ID: 3e516050a38c78152bddbc35f2c66f6c311a464a667e39aead97c660a2506ca8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f97faac064405f793fdaabc9871438766ffc3148f0511d322673df46de056f7f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 403138305447416FE3319F24DC4579BBB94BB45325F100B1AFAA0862D2D3B96868CBDA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C758 Relevance: 7.5, APIs: 5, Instructions: 38windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1050 46c758-46c771 PeekMessageW 1051 46c773-46c787 GetMessageW 1050->1051 1052 46c7ac-46c7ae 1050->1052 1053 46c798-46c7a6 TranslateMessage DispatchMessageW 1051->1053 1054 46c789-46c796 IsDialogMessageW 1051->1054 1053->1052 1054->1052 1054->1053
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0046C769
                                                                                                                                                                                                                            • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046C77A
                                                                                                                                                                                                                            • IsDialogMessageW.USER32(0001047A,?), ref: 0046C78E
                                                                                                                                                                                                                            • TranslateMessage.USER32(?), ref: 0046C79C
                                                                                                                                                                                                                            • DispatchMessageW.USER32(?), ref: 0046C7A6
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Message$DialogDispatchPeekTranslate
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1266772231-0
                                                                                                                                                                                                                            • Opcode ID: e1a49aa3949e02098f03b3f07e1f6876d491961d2b1d734ea1d4a89f91cbf71f
                                                                                                                                                                                                                            • Instruction ID: f861fa2b847aca83005011673149ee7f8a9d5bce6b2c61a8451493b35a9d5b52
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e1a49aa3949e02098f03b3f07e1f6876d491961d2b1d734ea1d4a89f91cbf71f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18F0D071D0161AAB8B20BBE1DC4CEEBBFACEE053517408525B506D2150E768D505CBF5
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046BBC0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1055 46bbc0-46bbdf GetClassNameW 1056 46bc07-46bc09 1055->1056 1057 46bbe1-46bbf6 call 463316 1055->1057 1058 46bc14-46bc16 1056->1058 1059 46bc0b-46bc0e SHAutoComplete 1056->1059 1062 46bc06 1057->1062 1063 46bbf8-46bc04 FindWindowExW 1057->1063 1059->1058 1062->1056 1063->1062
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetClassNameW.USER32(?,?,00000050), ref: 0046BBD7
                                                                                                                                                                                                                            • SHAutoComplete.SHLWAPI(?,00000010), ref: 0046BC0E
                                                                                                                                                                                                                              • Part of subcall function 00463316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0045D523,00000000,.exe,?,?,00000800,?,?,?,00469E5C), ref: 0046332C
                                                                                                                                                                                                                            • FindWindowExW.USER32(?,00000000,EDIT,00000000), ref: 0046BBFE
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AutoClassCompareCompleteFindNameStringWindow
                                                                                                                                                                                                                            • String ID: EDIT
                                                                                                                                                                                                                            • API String ID: 4243998846-3080729518
                                                                                                                                                                                                                            • Opcode ID: 4bb6d2ce7ed70a7dd396cb0e657e8bc9fda2dfdca31394993858dfe83497df4e
                                                                                                                                                                                                                            • Instruction ID: 3635d8b7eed183f223f495e85b525a48fafcecbb1d6a85596202adb4762a5109
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4bb6d2ce7ed70a7dd396cb0e657e8bc9fda2dfdca31394993858dfe83497df4e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A1F0AE32A00B247BD73066659C05F9FB66CEF45B40F444126FD00F2280EB64DA4185FE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046ED2E Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 31COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1064 46ed2e-46ed59 call 46ffd0 SetEnvironmentVariableW call 46169e 1068 46ed5e-46ed62 1064->1068 1069 46ed86-46ed88 1068->1069 1070 46ed64-46ed68 1068->1070 1071 46ed71-46ed78 call 4617ba 1070->1071 1074 46ed6a-46ed70 1071->1074 1075 46ed7a-46ed80 SetEnvironmentVariableW 1071->1075 1074->1071 1075->1069
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetEnvironmentVariableW.KERNELBASE(sfxcmd,?), ref: 0046ED44
                                                                                                                                                                                                                            • SetEnvironmentVariableW.KERNEL32(sfxpar,-00000002,00000000,?,?,?,00001000), ref: 0046ED80
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: EnvironmentVariable
                                                                                                                                                                                                                            • String ID: sfxcmd$sfxpar
                                                                                                                                                                                                                            • API String ID: 1431749950-3493335439
                                                                                                                                                                                                                            • Opcode ID: c4e3099210628d9fd04edadd78c75bba81d6882bbb77a9cb657bc1d90f3b7545
                                                                                                                                                                                                                            • Instruction ID: 82167117a769511e5379007503d26c7b7357bc2f636fcfeb2261115356573f05
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c4e3099210628d9fd04edadd78c75bba81d6882bbb77a9cb657bc1d90f3b7545
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 29F0E576500232A7CB203B928C0DFAF7B98AF15B41B04042BFC8596152F668CC80C7BA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00474DA2 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1076 474da2-474db7 LoadLibraryExW 1077 474deb-474dec 1076->1077 1078 474db9-474dc2 GetLastError 1076->1078 1079 474dc4-474dd8 call 477468 1078->1079 1080 474de9 1078->1080 1079->1080 1083 474dda-474de8 LoadLibraryExW 1079->1083 1080->1077
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LoadLibraryExW.KERNELBASE(00000011,00000000,00000800,?,00474D53,00000000,00000001,004B40C4,?,?,?,00474EF6,00000004,InitializeCriticalSectionEx,00487424,InitializeCriticalSectionEx), ref: 00474DAF
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00474D53,00000000,00000001,004B40C4,?,?,?,00474EF6,00000004,InitializeCriticalSectionEx,00487424,InitializeCriticalSectionEx,00000000,?,00474CAD), ref: 00474DB9
                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(00000011,00000000,00000000,?,00000011,00473BF3), ref: 00474DE1
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                                            • String ID: api-ms-
                                                                                                                                                                                                                            • API String ID: 3177248105-2084034818
                                                                                                                                                                                                                            • Opcode ID: add2503a8ca50e6568ba51ed73f57d09787a44ef021ee19127778460d4fefd6e
                                                                                                                                                                                                                            • Instruction ID: 20d5310fd19d4fb5fb1a81a4abd0c1b924192a508fc67f22bcf6d84cf14e2c9d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: add2503a8ca50e6568ba51ed73f57d09787a44ef021ee19127778460d4fefd6e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 29E04834284305B7DF202B71EC46BEE3F959B81B55F204475F94CE41E0D765D950968C
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045A9E5 Relevance: 6.1, APIs: 4, Instructions: 56fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 1084 45a9e5-45a9f1 1085 45a9f3-45a9fb GetStdHandle 1084->1085 1086 45a9fe-45aa15 ReadFile 1084->1086 1085->1086 1087 45aa17-45aa20 call 45ab1c 1086->1087 1088 45aa71 1086->1088 1092 45aa22-45aa2a 1087->1092 1093 45aa39-45aa3d 1087->1093 1090 45aa74-45aa77 1088->1090 1092->1093 1094 45aa2c 1092->1094 1095 45aa3f-45aa48 GetLastError 1093->1095 1096 45aa4e-45aa52 1093->1096 1099 45aa2d-45aa37 call 45a9e5 1094->1099 1095->1096 1100 45aa4a-45aa4c 1095->1100 1097 45aa54-45aa5c 1096->1097 1098 45aa6c-45aa6f 1096->1098 1097->1098 1101 45aa5e-45aa67 GetLastError 1097->1101 1098->1090 1099->1090 1100->1090 1101->1098 1103 45aa69-45aa6a 1101->1103 1103->1099
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetStdHandle.KERNEL32(000000F6), ref: 0045A9F5
                                                                                                                                                                                                                            • ReadFile.KERNELBASE(?,?,?,?,00000000), ref: 0045AA0D
                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0045AA3F
                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0045AA5E
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorLast$FileHandleRead
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2244327787-0
                                                                                                                                                                                                                            • Opcode ID: 4d3ef2641f40a2678a076992d6e79bc63c2afb04adaae62359cb1bf37ecc98a4
                                                                                                                                                                                                                            • Instruction ID: d243104b95d1d6936aa16d2a55f129ca4213f96fa0bc503e953b8770712401bc
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4d3ef2641f40a2678a076992d6e79bc63c2afb04adaae62359cb1bf37ecc98a4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4211C631900214EBDF205F60D904A6F37A9BB41366F104B2BFD1681292D77C8E68DB5B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047BEF4 Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LoadLibraryExW.KERNELBASE(00000000,00000000,00000800,004753FD,00000000,00000000,?,0047BE9B,004753FD,00000000,00000000,00000000,?,0047C098,00000006,FlsSetValue), ref: 0047BF26
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,0047BE9B,004753FD,00000000,00000000,00000000,?,0047C098,00000006,FlsSetValue,00488A00,FlsSetValue,00000000,00000364,?,0047A5E7), ref: 0047BF32
                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,0047BE9B,004753FD,00000000,00000000,00000000,?,0047C098,00000006,FlsSetValue,00488A00,FlsSetValue,00000000), ref: 0047BF40
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3177248105-0
                                                                                                                                                                                                                            • Opcode ID: 00f96ca579ab79a0454ce7e4e1edea442b25382b582db6a2c6fce12c65e391ba
                                                                                                                                                                                                                            • Instruction ID: fe185b1eeb2c5d6e101574504839955e967e33748a20fd61eb91f7c1d66e90b0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 00f96ca579ab79a0454ce7e4e1edea442b25382b582db6a2c6fce12c65e391ba
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FB01F7322052279BCB218A78AC44B9B7B98EF45FA57258A35F90ED3250D724D801CBEC
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C67E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen
                                                                                                                                                                                                                            • String ID: }
                                                                                                                                                                                                                            • API String ID: 176396367-4239843852
                                                                                                                                                                                                                            • Opcode ID: 864a341d3cfc1d3083aa8eb182b22be4c2b45e66bb9e97c96c56d0a7508fa26b
                                                                                                                                                                                                                            • Instruction ID: 09a18e1a75345181548d3a9fcdc8e47ef481a22e307f79c1f5d03fc341a24b92
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 864a341d3cfc1d3083aa8eb182b22be4c2b45e66bb9e97c96c56d0a7508fa26b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1721FF625043065AD720EB64D885ABBB3ECDB81759F00442FF584C3241FB6CE94886AF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046233E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49threadCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • CreateThread.KERNELBASE(00000000,00010000,Function_00012480,?,00000000,00000000), ref: 00462362
                                                                                                                                                                                                                            • SetThreadPriority.KERNEL32(?,00000000), ref: 004623A9
                                                                                                                                                                                                                              • Part of subcall function 004576E9: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00457707
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Thread$CreatePriority__vswprintf_c_l
                                                                                                                                                                                                                            • String ID: CreateThread failed
                                                                                                                                                                                                                            • API String ID: 2655393344-3849766595
                                                                                                                                                                                                                            • Opcode ID: c1961d2e20987e35e6f0de6674a68bf1c1e6d7e58d6d12faaec8f607eef3817e
                                                                                                                                                                                                                            • Instruction ID: 70fd9767b62f6649fd806ac5ff67597c68a3878594743fe8efcdc54ec04c8e10
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c1961d2e20987e35e6f0de6674a68bf1c1e6d7e58d6d12faaec8f607eef3817e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F0126B1205B027FD7206F64AC81B677798EB51712F20013FFE42962C0DBE9A880872D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B20A Relevance: 4.6, APIs: 3, Instructions: 111fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetStdHandle.KERNEL32(000000F5,?,?,?,?,0045E79B,00000001,?,?,?,00000000,004666C2,?,?,?), ref: 0045B22E
                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,?,00000000,?,00000000,?,?,00000000,004666C2,?,?,?,?,?,00466184,?), ref: 0045B275
                                                                                                                                                                                                                            • WriteFile.KERNELBASE(0000001D,?,?,?,00000000,?,00000001,?,?,?,?,0045E79B,00000001,?,?), ref: 0045B2A1
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileWrite$Handle
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 4209713984-0
                                                                                                                                                                                                                            • Opcode ID: 19e6c3f7541ee9710b94ac161502142de7b607e6bf1c2b58c8f81cd7f70b0555
                                                                                                                                                                                                                            • Instruction ID: 5f04ab97492188c2d2e67e68dd33f0f76e5775d0eee0d030d985e7e898978f83
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 19e6c3f7541ee9710b94ac161502142de7b607e6bf1c2b58c8f81cd7f70b0555
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E8317E31148306AFDB148F10D818B6F7BA5FB81716F14496EFD816B291CB78994CCBEA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B542 Relevance: 4.6, APIs: 3, Instructions: 55COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0045D68B: _wcslen.LIBCMT ref: 0045D691
                                                                                                                                                                                                                            • CreateDirectoryW.KERNELBASE(?,00000000,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B569
                                                                                                                                                                                                                            • CreateDirectoryW.KERNEL32(?,00000000,?,?,00000800,?,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B59C
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B5B9
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CreateDirectory$ErrorLast_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2260680371-0
                                                                                                                                                                                                                            • Opcode ID: f32f4561860b4343c95060b6545a7be1084f752b79d21d2cc57098002fc13f4f
                                                                                                                                                                                                                            • Instruction ID: 1b5e9936565186103769099927f7a17226e9bee8ee683ab898dd4da274ca7524
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f32f4561860b4343c95060b6545a7be1084f752b79d21d2cc57098002fc13f4f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B019631204218BADF296B715C45BAF3248EF0678AF14041BFD02D5183E75C9A4987ED
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047CA53 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 132COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetCPInfo.KERNEL32(5EFC4D8B,?,00000005,?,00000000), ref: 0047CA78
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Info
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1807457897-3916222277
                                                                                                                                                                                                                            • Opcode ID: bee1b20e80b5d028635fa84e7015952b8d60eb1662ec0fed04ceac1da1bbaa3e
                                                                                                                                                                                                                            • Instruction ID: 6076a9c0ce24115d6616039c01f13c8cae009c95c3d9cd5adbc008489e8a72e4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bee1b20e80b5d028635fa84e7015952b8d60eb1662ec0fed04ceac1da1bbaa3e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA41297150424C9EDB228E64DCC5BF6BBB9EB45304F1448EEE58E87142D239AA458F68
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046EBA2 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 53COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0046EBA7
                                                                                                                                                                                                                              • Part of subcall function 00461983: _wcslen.LIBCMT ref: 00461999
                                                                                                                                                                                                                              • Part of subcall function 00458823: __EH_prolog.LIBCMT ref: 00458828
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe, xrefs: 0046EBE0
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog$_wcslen
                                                                                                                                                                                                                            • String ID: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                            • API String ID: 2838827086-3493000031
                                                                                                                                                                                                                            • Opcode ID: 83482faf6e44038d542ef209fa38a8a8d25433074168b5a201e14385aeb691ec
                                                                                                                                                                                                                            • Instruction ID: 5bb592fc5c23dd966f40edfab1bdc7d2d02c860a8ce448c714a617721ae1448d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 83482faf6e44038d542ef209fa38a8a8d25433074168b5a201e14385aeb691ec
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1511E771905240AED700FB69AC46BDD7FA8DB26318F10807FE449522A3DFBD1648CB6E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047C12C Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LCMapStringW.KERNEL32(00000000,?,00000000,?,?,?,?,?,?,?,?,?,62E85006,00000001,?,000000FF), ref: 0047C19D
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: String
                                                                                                                                                                                                                            • String ID: LCMapStringEx
                                                                                                                                                                                                                            • API String ID: 2568140703-3893581201
                                                                                                                                                                                                                            • Opcode ID: 56d4bcc891741c6a184598b146eafd1c493b93f7afcfce139e0edcea04755985
                                                                                                                                                                                                                            • Instruction ID: a3d96f1abc9eaa6ad1ced4dd4cf5d33ffa21764eafd5ee0dd402f439b9c9d631
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 56d4bcc891741c6a184598b146eafd1c493b93f7afcfce139e0edcea04755985
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 42012932541109BBCF12AF91DC01EDE7FA2EF08760F44856AFE0825161CB368971AF88
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047C0CA Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • InitializeCriticalSectionAndSpinCount.KERNEL32(?,?,0047B72F), ref: 0047C115
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CountCriticalInitializeSectionSpin
                                                                                                                                                                                                                            • String ID: InitializeCriticalSectionEx
                                                                                                                                                                                                                            • API String ID: 2593887523-3084827643
                                                                                                                                                                                                                            • Opcode ID: 2128e387fdcd625b3bb40662e9c617f982569f4250dadda6d2d3d02133e4c710
                                                                                                                                                                                                                            • Instruction ID: 0e6973a423eba94e5178fc8cc3fc593ff38dd9b9ef5f35d8ce8c47d9410e7ab5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2128e387fdcd625b3bb40662e9c617f982569f4250dadda6d2d3d02133e4c710
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2F0B431641218BBCB15AF95CC06EDE7F61DF587A0B80846FFC0926261CB3559119B98
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047BF6F Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 30memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Alloc
                                                                                                                                                                                                                            • String ID: FlsAlloc
                                                                                                                                                                                                                            • API String ID: 2773662609-671089009
                                                                                                                                                                                                                            • Opcode ID: 0511c57b65dd81285e52920b401aea4d679427d88af9033b03c33e1b5dfbedbb
                                                                                                                                                                                                                            • Instruction ID: 00e84fae5821c78675de724f5a46b2bc423eb8b5387f073082fbe2452f2c6397
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0511c57b65dd81285e52920b401aea4d679427d88af9033b03c33e1b5dfbedbb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3CE05571640218AB82107B608C06BBEBB94CB58B20B9240AFFC08A3240CF381D018BCE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046FD58 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046FD6A
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID: 3To
                                                                                                                                                                                                                            • API String ID: 1269201914-245939750
                                                                                                                                                                                                                            • Opcode ID: 4f87615e3c1de72215d0c0a5fc90451292ac56c4a468af70d9465cc26fccc4bf
                                                                                                                                                                                                                            • Instruction ID: 85e5b6dffa0c0703c53b18c044c7c11315e81d7aea7eb74cdd367f99af4de67a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f87615e3c1de72215d0c0a5fc90451292ac56c4a468af70d9465cc26fccc4bf
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7B092D12695007D230831193803B3B0218C980B15730892BF08280081A44C1C4D003B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047CDB0 Relevance: 3.2, APIs: 2, Instructions: 168COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0047C97B: GetOEMCP.KERNEL32(00000000,?,?,0047CC04,?), ref: 0047C9A6
                                                                                                                                                                                                                            • IsValidCodePage.KERNEL32(-00000030,00000000,?,?,?,?,0047CC49,?,00000000), ref: 0047CE24
                                                                                                                                                                                                                            • GetCPInfo.KERNEL32(00000000,0047CC49,?,?,?,0047CC49,?,00000000), ref: 0047CE37
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CodeInfoPageValid
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 546120528-0
                                                                                                                                                                                                                            • Opcode ID: 2ce2f4f9fd5e2fa46964e6f0205891d84848a0f0eb7bb051d2da31392246ebe5
                                                                                                                                                                                                                            • Instruction ID: e838d68fddbeccb15dcbb7bb9110df5f4c2b193c1205c089853fbeb4327bc5b3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ce2f4f9fd5e2fa46964e6f0205891d84848a0f0eb7bb051d2da31392246ebe5
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D51E2B1A042059EDB208F75C8C16FBBBE6AF41314F14C46FD09E8A292D73D9946CB99
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045ACD4 Relevance: 3.1, APIs: 2, Instructions: 134COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetFilePointer.KERNELBASE(000000FF,?,?,?,-000018C0,00000000,00000800,?,0045ACB0,?,?,00000000,?,?,00459C8B,?), ref: 0045AE3A
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00459C8B,?,?,?,-000018C0,?,-00002908,00000000,-00000880,?,00000000,?,?,00000000), ref: 0045AE49
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                            • Opcode ID: 2fa90ac9421bf407e752278dba7f51a9165b4c4a3457d0f2af95b8378a490cc2
                                                                                                                                                                                                                            • Instruction ID: 653ec956c2f3306c6e9489b592db6f2b607517be972b14f0bf66e35c522a7257
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fa90ac9421bf407e752278dba7f51a9165b4c4a3457d0f2af95b8378a490cc2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D141D0342043459BD724BE24C8846AE73B6EB88357F10072BEC4683A52D7789CAD8B5B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047CBE7 Relevance: 3.1, APIs: 2, Instructions: 91COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0047A515: GetLastError.KERNEL32(?,004930C4,00475982,004930C4,?,?,004753FD,?,?,004930C4), ref: 0047A519
                                                                                                                                                                                                                              • Part of subcall function 0047A515: _free.LIBCMT ref: 0047A54C
                                                                                                                                                                                                                              • Part of subcall function 0047A515: SetLastError.KERNEL32(00000000,?,004930C4), ref: 0047A58D
                                                                                                                                                                                                                              • Part of subcall function 0047A515: _abort.LIBCMT ref: 0047A593
                                                                                                                                                                                                                              • Part of subcall function 0047CD0E: _abort.LIBCMT ref: 0047CD40
                                                                                                                                                                                                                              • Part of subcall function 0047CD0E: _free.LIBCMT ref: 0047CD74
                                                                                                                                                                                                                              • Part of subcall function 0047C97B: GetOEMCP.KERNEL32(00000000,?,?,0047CC04,?), ref: 0047C9A6
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047CC5F
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047CC95
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorLast_abort
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2991157371-0
                                                                                                                                                                                                                            • Opcode ID: f324047f102248713db8e0bcade764ae7f821fbb6949676925d3d161d6f5bca9
                                                                                                                                                                                                                            • Instruction ID: 6190d81692e7ddb855e4ef7d3dbbf042725c3f4e44475da0895abc6361c47656
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f324047f102248713db8e0bcade764ae7f821fbb6949676925d3d161d6f5bca9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7631D371900204AFDB11EF69D481ADE77F5EF40324F2580AFE40CAB291EB3A9D41DB48
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B032 Relevance: 3.1, APIs: 2, Instructions: 83timeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FlushFileBuffers.KERNEL32(?,?,?,?,?,?,00457ED0,?,?,?,00000000), ref: 0045B04C
                                                                                                                                                                                                                            • SetFileTime.KERNELBASE(?,?,?,?), ref: 0045B100
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$BuffersFlushTime
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1392018926-0
                                                                                                                                                                                                                            • Opcode ID: 7ad372b68ebc1e2f6e5654ec09f2ecf3309d80c29e809a95d93be1f250a595f6
                                                                                                                                                                                                                            • Instruction ID: 10286ff07f598a777740cea0292c6a382499e19fc8b96fd1b0e087a340ea9bc4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7ad372b68ebc1e2f6e5654ec09f2ecf3309d80c29e809a95d93be1f250a595f6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E4210631249241EFC714DE75C491AABBBE4EF51B05F04491EF8E183292D32DD90CD7A6
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045A8CE Relevance: 3.1, APIs: 2, Instructions: 82fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • CreateFileW.KERNELBASE(?,?,00000001,00000000,00000002,00000000,00000000,?,00000000,?,?,?,0045B1B7,?,?,004581FD), ref: 0045A946
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,?,00000001,00000000,00000002,00000000,00000000,?,?,00000800,?,?,0045B1B7,?,?,004581FD), ref: 0045A976
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CreateFile
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                                                                                                            • Opcode ID: 4daf67186f04a8eac559868e000452f5828ef6845a14c87b831bb839deec711d
                                                                                                                                                                                                                            • Instruction ID: 9cd4bb0f4fbbf1b247780242e17b0bb7523dee377dbaa7e864c5770d1812466f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4daf67186f04a8eac559868e000452f5828ef6845a14c87b831bb839deec711d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9021D6B15043546EE3309A25CC88BB776DCEB49326F010B1EFDD5C22D2C778A8898676
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00451F30 Relevance: 3.1, APIs: 2, Instructions: 77COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 00451F35
                                                                                                                                                                                                                              • Part of subcall function 004542F1: __EH_prolog.LIBCMT ref: 004542F6
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00451FDA
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog$_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2838827086-0
                                                                                                                                                                                                                            • Opcode ID: ed55fb7b574d851dcf0b88ccbc5088c91d8edfc0d91f3cad3b4ecf3d9737a86b
                                                                                                                                                                                                                            • Instruction ID: faed27e94ecf7413e3fe636d85cb712b6ab7f379ade0ec536d4d20cec9837243
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ed55fb7b574d851dcf0b88ccbc5088c91d8edfc0d91f3cad3b4ecf3d9737a86b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7421B172904618AFCF11AF99C881AEEFBB5BF08308F10042FF845A7262C7795955CF58
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00474D02 Relevance: 3.1, APIs: 2, Instructions: 67libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,00000001,004B40C4,?,?,?,00474EF6,00000004,InitializeCriticalSectionEx,00487424,InitializeCriticalSectionEx,00000000,?,00474CAD,004B40C4,00000FA0), ref: 00474D85
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,?), ref: 00474D8F
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3013587201-0
                                                                                                                                                                                                                            • Opcode ID: e3e46a4bb16834177cbe6b45c484bd6c750fea55e3f6c68b7aa54ab2c204a260
                                                                                                                                                                                                                            • Instruction ID: 933a5b54cba3cd8331a2693655357be97a189bd3bb3280e76558b20fdc6350ae
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3e46a4bb16834177cbe6b45c484bd6c750fea55e3f6c68b7aa54ab2c204a260
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C21172356005159F9F33CFA4D8409FA73A9EBC6360724416AE94997350E734DD01C799
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B110 Relevance: 3.1, APIs: 2, Instructions: 56COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetFilePointer.KERNELBASE(000000FF,00000000,00000000,00000001), ref: 0045B157
                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0045B164
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                            • Opcode ID: e5c0faad24b4c70cb79c9018cd031b92732e49944754f70a01f02c18c686b641
                                                                                                                                                                                                                            • Instruction ID: 42defeaafae0d8fe8eff7ca09c59485a8c5ebee857f58e72337869c265e8fee2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5c0faad24b4c70cb79c9018cd031b92732e49944754f70a01f02c18c686b641
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D5112930600B01ABD7249A24C855767B3E8FB453A2F10462EE992932C1E778ED09C798
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047A6A4 Relevance: 3.0, APIs: 2, Instructions: 44memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A6C5
                                                                                                                                                                                                                              • Part of subcall function 0047A7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,00475594,?,0000015D,?,?,?,?,00476A70,000000FF,00000000,?,?), ref: 0047A830
                                                                                                                                                                                                                            • HeapReAlloc.KERNEL32(00000000,?,?,?,?,004930C4,0045187A,?,?,00000007,?,?,?,004513F2,?,00000000), ref: 0047A701
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Heap$AllocAllocate_free
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2447670028-0
                                                                                                                                                                                                                            • Opcode ID: f9e839a992ed594df309ccd0c1c1cdc3cbdc169ad00049b24263284b13c9e054
                                                                                                                                                                                                                            • Instruction ID: 077b91b8bf325a6a6cad6e0a7c9f508d213b1bc841775b089f7da5b997ec77ab
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f9e839a992ed594df309ccd0c1c1cdc3cbdc169ad00049b24263284b13c9e054
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3DF0C831105111A78B212A265C01FDF27189FC1BB0B18C11BF89C96291EF2CDC71956F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004623BD Relevance: 3.0, APIs: 2, Instructions: 33COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(?,?), ref: 004623CA
                                                                                                                                                                                                                            • GetProcessAffinityMask.KERNEL32(00000000), ref: 004623D1
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Process$AffinityCurrentMask
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1231390398-0
                                                                                                                                                                                                                            • Opcode ID: 6779f5f9f3c98eac51d043421c739a79f8345d4196c3616d88001e5cc04a35e4
                                                                                                                                                                                                                            • Instruction ID: 1ceab845b6b36081899e32dfd128ed4f5000139a1771f619adf69e4303371c2b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6779f5f9f3c98eac51d043421c739a79f8345d4196c3616d88001e5cc04a35e4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CCE0D832B10605B78F098BF4AD058EFB3DCEA45204320857BA903E3300FABCDD4547A5
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B8E6 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B8FA
                                                                                                                                                                                                                              • Part of subcall function 0045CF32: _wcslen.LIBCMT ref: 0045CF56
                                                                                                                                                                                                                            • SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B92B
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesFile$_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2673547680-0
                                                                                                                                                                                                                            • Opcode ID: 7f4f0b47803feec10ea0720dfb079757352efb42fa713ddef07ae555ea6085d3
                                                                                                                                                                                                                            • Instruction ID: db4cc62a6da4960a94f8aaea75963947cb7f5aefe0f5c023d3c4c0ae61ed3d1b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f4f0b47803feec10ea0720dfb079757352efb42fa713ddef07ae555ea6085d3
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41F0A93110420ABBDF115FA1CC40BDF376CFB053CAF00806ABA44E6265EB75DD989BA8
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B470 Relevance: 3.0, APIs: 2, Instructions: 27fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • DeleteFileW.KERNELBASE(?,00000000,?,0045A438,?,?,?,?,0045892B,?,?,?,0048380F,000000FF), ref: 0045B481
                                                                                                                                                                                                                              • Part of subcall function 0045CF32: _wcslen.LIBCMT ref: 0045CF56
                                                                                                                                                                                                                            • DeleteFileW.KERNEL32(?,?,?,00000800,?,0045A438,?,?,?,?,0045892B,?,?,?,0048380F,000000FF), ref: 0045B4AF
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: DeleteFile$_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2643169976-0
                                                                                                                                                                                                                            • Opcode ID: dfd9fcbfe15f7f8d94ad023a196aec9c3c5f3dd3060228f153d75303ec9a631c
                                                                                                                                                                                                                            • Instruction ID: c993ba262677304d3e56cf319977a1f54114146147ce94d9410f038c62b0ba3c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dfd9fcbfe15f7f8d94ad023a196aec9c3c5f3dd3060228f153d75303ec9a631c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 29E092321402196BEB115B61DC41FDF375DBB05787F44403ABE45D2192EB68DD88AB98
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046BD81 Relevance: 3.0, APIs: 2, Instructions: 26comCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GdiplusShutdown.GDIPLUS(?,?,?,?,0048380F,000000FF), ref: 0046BDB5
                                                                                                                                                                                                                            • OleUninitialize.OLE32(?,?,?,?,0048380F,000000FF), ref: 0046BDBA
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: GdiplusShutdownUninitialize
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3856339756-0
                                                                                                                                                                                                                            • Opcode ID: 7e6fcf8be96fa85a15a8f4000c602e7e656c65d3397106f31764cf67e863de4d
                                                                                                                                                                                                                            • Instruction ID: da9a1b43774a9bd8dbfcbdca9befdf5ffb8eb64cddd9fb200c67f5941336a08b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e6fcf8be96fa85a15a8f4000c602e7e656c65d3397106f31764cf67e863de4d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 83E06572504550EFC710AB4DDC05B09FBA9FB88B24F14467AF416937A0CB746801CA99
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F002 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046F02C
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(00000065,?), ref: 0046F043
                                                                                                                                                                                                                              • Part of subcall function 0046C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0046C769
                                                                                                                                                                                                                              • Part of subcall function 0046C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046C77A
                                                                                                                                                                                                                              • Part of subcall function 0046C758: IsDialogMessageW.USER32(0001047A,?), ref: 0046C78E
                                                                                                                                                                                                                              • Part of subcall function 0046C758: TranslateMessage.USER32(?), ref: 0046C79C
                                                                                                                                                                                                                              • Part of subcall function 0046C758: DispatchMessageW.USER32(?), ref: 0046C7A6
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Message$DialogDispatchItemPeekTextTranslate__vswprintf_c_l_swprintf
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2718869927-0
                                                                                                                                                                                                                            • Opcode ID: 5c4a094ffec24df57b1bc8ea8ac20be6752044fee81d0733b8b2328141a30943
                                                                                                                                                                                                                            • Instruction ID: 5c1281f51f0e1dbbe287a476c55c40063124920484dccb8bcd069ab1895b4ba6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5c4a094ffec24df57b1bc8ea8ac20be6752044fee81d0733b8b2328141a30943
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3CE09B7551424836DF016766DC0AFAA365C5B1438EF440477B641960A3D6B899148B6B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B4D3 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,?,0045B4CA,?,00458042,?), ref: 0045B4E4
                                                                                                                                                                                                                              • Part of subcall function 0045CF32: _wcslen.LIBCMT ref: 0045CF56
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,?,00000800,?,?,0045B4CA,?,00458042,?), ref: 0045B510
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesFile$_wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2673547680-0
                                                                                                                                                                                                                            • Opcode ID: d46496ac2468f3e44d243bee9d41691dac8c4e1bc44871f7fc3c3dfeeaa7ac85
                                                                                                                                                                                                                            • Instruction ID: 212effdf03caf77dc8995caef9facb9bce4a353627378fbb25e198edbcd467ab
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d46496ac2468f3e44d243bee9d41691dac8c4e1bc44871f7fc3c3dfeeaa7ac85
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4E092325003287BCB20AB64DC04BDE7758EB4A3EAF000176FE85E3296E7749D448BD8
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00461B3B Relevance: 3.0, APIs: 2, Instructions: 24libraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00461B56
                                                                                                                                                                                                                            • LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0046063A,Crypt32.dll,00000000,004606B4,00000200,?,00460697,00000000,00000000,?), ref: 00461B78
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: DirectoryLibraryLoadSystem
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1175261203-0
                                                                                                                                                                                                                            • Opcode ID: eb6eaa19688a76e87bb9446623726a5315a96cba5f82c6ff31fabd463db2d925
                                                                                                                                                                                                                            • Instruction ID: 50b611e92453c400e60a0e61c043779f68b5e1b379d4c72fbc2a6307d087de19
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb6eaa19688a76e87bb9446623726a5315a96cba5f82c6ff31fabd463db2d925
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 42E048769001186ADB1197A5DC04FDF77ACEF497C1F04047AB645D2044EA78DAC4CBB5
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046B3C8 Relevance: 3.0, APIs: 2, Instructions: 23windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GdipCreateBitmapFromStreamICM.GDIPLUS(?,?), ref: 0046B3E9
                                                                                                                                                                                                                            • GdipCreateBitmapFromStream.GDIPLUS(?,?), ref: 0046B3F0
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: BitmapCreateFromGdipStream
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1918208029-0
                                                                                                                                                                                                                            • Opcode ID: 0a7067b255b436cfb4c10959e5419735df2ac61ba9c26b6f5360129f38fbe377
                                                                                                                                                                                                                            • Instruction ID: 8b8d37b9e9032279aedb95fe2c841cf90dfc84b53138211b8ba7547e9500f2be
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0a7067b255b436cfb4c10959e5419735df2ac61ba9c26b6f5360129f38fbe377
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7FE0ED71500218EBDB10EF99C54169DB7ECEB04354F20C06FE99693700E378AE889B96
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00473D1C Relevance: 3.0, APIs: 2, Instructions: 19COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00473D3A
                                                                                                                                                                                                                            • ___vcrt_uninitialize_ptd.LIBVCRUNTIME ref: 00473D45
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Value___vcrt____vcrt_uninitialize_ptd
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1660781231-0
                                                                                                                                                                                                                            • Opcode ID: 95916b5029f4de68274d58c01f621f0b3a5f033b6d8350140a5e99239065168c
                                                                                                                                                                                                                            • Instruction ID: 3e857b5d82986384b3a938295fca80920205126a97048a763e8ab6f0b6e7657c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 95916b5029f4de68274d58c01f621f0b3a5f033b6d8350140a5e99239065168c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DFD0A735408711589C343EB92C025DA13445861B7BFB0D65BE52C9A1C1DF1C8601702E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004512D1 Relevance: 3.0, APIs: 2, Instructions: 11COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ItemShowWindow
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3351165006-0
                                                                                                                                                                                                                            • Opcode ID: 62da324857b4ec8995fcdaf9239b7cdb47a244a0b4b0903ffbd8c70f0879f8a6
                                                                                                                                                                                                                            • Instruction ID: 0a35837c35611d6602ab205edfaec8c95a96ef46584177fdf8bd26b63a82406d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 62da324857b4ec8995fcdaf9239b7cdb47a244a0b4b0903ffbd8c70f0879f8a6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C9C01272858A00BFCB021BB8DC09E2ABBA8ABA4212F10CA28F0A6C1060C239C010DB11
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00451AD3 Relevance: 1.8, APIs: 1, Instructions: 319COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: 77e5429403f2635b9ee67a8e0fc5bbf790f5ae8ea0800463b4ea24bcbb43b329
                                                                                                                                                                                                                            • Instruction ID: 7b0bd814cc011b81bb9d9a3b0ab565c070f5262ba6195439194ca353423d1b64
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 77e5429403f2635b9ee67a8e0fc5bbf790f5ae8ea0800463b4ea24bcbb43b329
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CC19330A042559BDF15CF28C4847AE7BA5AF46311F1801BFEC069B3A7C7799A48CB69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004542F1 Relevance: 1.7, APIs: 1, Instructions: 177COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: efd732d1d6cb5ca9eea4cb434d28b8c090e0548f0f607d888d68dc0159cf815b
                                                                                                                                                                                                                            • Instruction ID: 26ed57b3dba9baad99e39633f1eaf87fd3c9827b6744be450ee3871eb872737e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: efd732d1d6cb5ca9eea4cb434d28b8c090e0548f0f607d888d68dc0159cf815b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BE71F8B1504B89AFC725DB70C8519E7B7E4BF45305F04092FEAAB47142E7787648CB19
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004590A2 Relevance: 1.6, APIs: 1, Instructions: 114COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 004590A7
                                                                                                                                                                                                                              • Part of subcall function 004513F8: __EH_prolog.LIBCMT ref: 004513FD
                                                                                                                                                                                                                              • Part of subcall function 00452032: __EH_prolog.LIBCMT ref: 00452037
                                                                                                                                                                                                                              • Part of subcall function 0045B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0045B991
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog$CloseFind
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2506663941-0
                                                                                                                                                                                                                            • Opcode ID: 04095cc9b062076d6b6c28e89b817781c3e52f6f075bd889ff65b77fa9bb8160
                                                                                                                                                                                                                            • Instruction ID: 17c1976772b3bab61d0097c73ab3df0d430eb21cde934c29997afa1feb5afab2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 04095cc9b062076d6b6c28e89b817781c3e52f6f075bd889ff65b77fa9bb8160
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8441E671904214AADB24EB61C8A5AEA7379AF00345F0404EFF98A671C3DBB95F8CCF15
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004513FD Relevance: 1.6, APIs: 1, Instructions: 107COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 004513FD
                                                                                                                                                                                                                              • Part of subcall function 00456891: __EH_prolog.LIBCMT ref: 00456896
                                                                                                                                                                                                                              • Part of subcall function 0045E298: __EH_prolog.LIBCMT ref: 0045E29D
                                                                                                                                                                                                                              • Part of subcall function 0045644D: __EH_prolog.LIBCMT ref: 00456452
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: 2aaf341f75b66d0ced05c8f78dc8d84225edb7867ea4cc75c3dda84a066779af
                                                                                                                                                                                                                            • Instruction ID: 0b2739ed0416740c3eb59c27bb494281626cda317444f2a7e02e5889bd196df8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2aaf341f75b66d0ced05c8f78dc8d84225edb7867ea4cc75c3dda84a066779af
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CC5138B19063808ECB14DF2994806D9BBE5AF59304F0802BEEC5DCF79BD7795218CB66
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004513F8 Relevance: 1.6, APIs: 1, Instructions: 106COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 004513FD
                                                                                                                                                                                                                              • Part of subcall function 00456891: __EH_prolog.LIBCMT ref: 00456896
                                                                                                                                                                                                                              • Part of subcall function 0045E298: __EH_prolog.LIBCMT ref: 0045E29D
                                                                                                                                                                                                                              • Part of subcall function 0045644D: __EH_prolog.LIBCMT ref: 00456452
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: 5cb20d168dd72f94c419b18b96fb193116698f6f6a4cfb0593dea0f3a7698579
                                                                                                                                                                                                                            • Instruction ID: 3c7e65fffd8785dc36a91a8c29de566c8ae3f4e9622bc3e5402397c8ef71c122
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5cb20d168dd72f94c419b18b96fb193116698f6f6a4cfb0593dea0f3a7698579
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A5158B19063808ECB14DF6994806D97BE1AF59304F0802BEEC5DCF79BD7791218CB66
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004647AD Relevance: 1.6, APIs: 1, Instructions: 89COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: 84c532a1aada21d28c1388dc88708c06e9285d5a5885c339ff1135d135ffd917
                                                                                                                                                                                                                            • Instruction ID: 350c6d1dd345424e15ca5eb84c9f058a2916e787b84e1538fcaeb9d401ccb942
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 84c532a1aada21d28c1388dc88708c06e9285d5a5885c339ff1135d135ffd917
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 852106B5E41211ABDB14AF79CC41A9B76A8FF44318F04413FE509EB781E3789D00869D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C217 Relevance: 1.6, APIs: 1, Instructions: 72COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0046C21C
                                                                                                                                                                                                                              • Part of subcall function 004513F8: __EH_prolog.LIBCMT ref: 004513FD
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: 461ceaa20b5dd6fabbee94020950054cda0ac60965ca00c1f58567221c21aba3
                                                                                                                                                                                                                            • Instruction ID: 67d596472bd39aeec9eb57c3cb23f4c96fe239b1f12f1c8cdbd5007aa1fbe6f4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 461ceaa20b5dd6fabbee94020950054cda0ac60965ca00c1f58567221c21aba3
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 66218D71C04219AFCF15EF95C891AEEB774BF04308F0000AFE849B3252E7796A49DB69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047BE58 Relevance: 1.6, APIs: 1, Instructions: 65libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,?), ref: 0047BEB8
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 190572456-0
                                                                                                                                                                                                                            • Opcode ID: 177a4a75e1a41d1cb71754e069a4dab243721fc39d5e27b9cffc15b87fd7d203
                                                                                                                                                                                                                            • Instruction ID: b838598d31bb07ffc9bf23a685cbc394d69ce73c312108c063d53b19918e5e01
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 177a4a75e1a41d1cb71754e069a4dab243721fc39d5e27b9cffc15b87fd7d203
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5411E337A005255F9B229E69DC40AEB73A5DB803207168232EE58AB344DB34EC4187D9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045A475 Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3519838083-0
                                                                                                                                                                                                                            • Opcode ID: db5f353981708eaccae5eb7533f7cf0f9195b8e295e33e1b9ef3e17a6f50dd8b
                                                                                                                                                                                                                            • Instruction ID: 7e9a0ec249e6eeff02c9a2d04863b1199dd91325db3b44915e20edd2145c8d10
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: db5f353981708eaccae5eb7533f7cf0f9195b8e295e33e1b9ef3e17a6f50dd8b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC110432900529A78B15EFA9C891AAFB374AF45705F00421FFC05A7303DB788D088699
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047D639 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0047C2F6: RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0047A543,00000001,00000364,?,004753FD,?,?,004930C4), ref: 0047C337
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047D6A5
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AllocateHeap_free
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 614378929-0
                                                                                                                                                                                                                            • Opcode ID: 7d30b6ea8507d2c13b34e354a80f4644266152c8881b27fa68bdf41323802f68
                                                                                                                                                                                                                            • Instruction ID: f589656f6b0cbc0f411faf8c972e9410234c2a808fd238bf9368de5cdca9bd3d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7d30b6ea8507d2c13b34e354a80f4644266152c8881b27fa68bdf41323802f68
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7E01D672600345ABE3318E69DC8199AFBE9EFD5370F25461EE59D93280EA34A805C67C
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047C2F6 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0047A543,00000001,00000364,?,004753FD,?,?,004930C4), ref: 0047C337
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                            • Opcode ID: 4c0cb6a5b00b3860e91c4185d555b126483f87ecf8bf46b919da0bf22b1cd8a4
                                                                                                                                                                                                                            • Instruction ID: 7a686f76c84fa539966e5177051e3814fc046f606e157d7c2ca95fc352322e7e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4c0cb6a5b00b3860e91c4185d555b126483f87ecf8bf46b919da0bf22b1cd8a4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B2F0B431604524A7DB211B669D85AEB77489F817A1B14C52FAC0CE7290DA2CDA0182ED
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047A7FE Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,?,?,?,00475594,?,0000015D,?,?,?,?,00476A70,000000FF,00000000,?,?), ref: 0047A830
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                            • Opcode ID: c442a2579a51943857f59e6378abccbd6e84f099155fc984f9e116926eab33dd
                                                                                                                                                                                                                            • Instruction ID: e0cff381e202a4d1ba28ff077141dcf61696576e4719f40c69965f51dc968ea8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c442a2579a51943857f59e6378abccbd6e84f099155fc984f9e116926eab33dd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 77E0303110422156E6313A669D05BDF7A489BC17A4B16C527A80D962D2DB1CC822C6EF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045A880 Relevance: 1.5, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FindCloseChangeNotification.KERNELBASE(000000FF,?,?,0045A83D,?,?,?,?,?,0048380F,000000FF), ref: 0045A89B
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ChangeCloseFindNotification
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2591292051-0
                                                                                                                                                                                                                            • Opcode ID: 8da905ddc5bbbc5e92a944c1cf0a5536d9c3f3d83ac3f8b0997ed4a4258319ce
                                                                                                                                                                                                                            • Instruction ID: 23069adb25a67e26aacce1b73545c948a02d6d98031b05f7750f1a4aa3644a90
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8da905ddc5bbbc5e92a944c1cf0a5536d9c3f3d83ac3f8b0997ed4a4258319ce
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88F0E230082B018FDB309A24D458793B7E4AF12337F040B6FC4F243AE5D368699E8B45
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B966 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0045BA94: FindFirstFileW.KERNELBASE(?,?,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BABD
                                                                                                                                                                                                                              • Part of subcall function 0045BA94: FindFirstFileW.KERNEL32(?,?,?,?,00000800,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BAEB
                                                                                                                                                                                                                              • Part of subcall function 0045BA94: GetLastError.KERNEL32(?,?,00000800,?,?,?,?,0045B98B,000000FF,?,?), ref: 0045BAF7
                                                                                                                                                                                                                            • FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0045B991
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Find$FileFirst$CloseErrorLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1464966427-0
                                                                                                                                                                                                                            • Opcode ID: b5486cb602cf4ff1db15d10de1da6bbb4540939fdd8a0d277773b62bb0d65643
                                                                                                                                                                                                                            • Instruction ID: f112283aa5425a4c0c9121b3b46b7d96bdd88bc9ae072e1c0d4da1c3add88dd0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5486cb602cf4ff1db15d10de1da6bbb4540939fdd8a0d277773b62bb0d65643
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6F05471009790AACA221BB448047CB7B909F1632AF008A4EFAF912293C368509D9766
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462128 Relevance: 1.5, APIs: 1, Instructions: 21threadCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetThreadExecutionState.KERNEL32(00000001), ref: 0046215D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExecutionStateThread
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2211380416-0
                                                                                                                                                                                                                            • Opcode ID: feebdbe1a5aabbfbe806d1e39f689464e027d5673054575f64b55102f0051e4c
                                                                                                                                                                                                                            • Instruction ID: 4a423bda0927fea81f17397575e1a435e066e07fca34f281ed579aa79437c75c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: feebdbe1a5aabbfbe806d1e39f689464e027d5673054575f64b55102f0051e4c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0ED0C21060891132DA12373D69057FF0A061FD332AF0800BFBA09122838B9D084682BF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046B636 Relevance: 1.5, APIs: 1, Instructions: 16memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GdipAlloc.GDIPLUS(00000010), ref: 0046B63C
                                                                                                                                                                                                                              • Part of subcall function 0046B3C8: GdipCreateBitmapFromStreamICM.GDIPLUS(?,?), ref: 0046B3E9
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Gdip$AllocBitmapCreateFromStream
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1915507550-0
                                                                                                                                                                                                                            • Opcode ID: 67c6c0b1a9f8045d953eebf11179e7c179da5fb7bf356439fdf6af47a3be8cb5
                                                                                                                                                                                                                            • Instruction ID: 013edd1b1d97e928117c65774cf4de3b4ef43b6a13c02ecc659bfbae2edf5083
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67c6c0b1a9f8045d953eebf11179e7c179da5fb7bf356439fdf6af47a3be8cb5
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9ED0A77120420876DF012B61CC02A7E7694DB10348F00C037BD41D5291FBB5DDA051DB
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F747 Relevance: 1.5, APIs: 1, Instructions: 13COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • DloadProtectSection.DELAYIMP ref: 0046F76F
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: DloadProtectSection
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2203082970-0
                                                                                                                                                                                                                            • Opcode ID: b7556bd33f87f05f3d88b6d86b1a2776a71844f40be2e8f554cf651af72e6a51
                                                                                                                                                                                                                            • Instruction ID: 0f64039eba7d6ed350e8a46324f2832ebed963b963f38b6cd17b5b7786adeb15
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b7556bd33f87f05f3d88b6d86b1a2776a71844f40be2e8f554cf651af72e6a51
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 87D012705502049AEA11EF76FC4675A22A4F30830FF500A3BF5C181395E77C454C966F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046EEBD Relevance: 1.5, APIs: 1, Instructions: 13windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(0000006A,00000402,00000000,00000000,00462E88), ref: 0046EEE2
                                                                                                                                                                                                                              • Part of subcall function 0046C758: PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0046C769
                                                                                                                                                                                                                              • Part of subcall function 0046C758: GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046C77A
                                                                                                                                                                                                                              • Part of subcall function 0046C758: IsDialogMessageW.USER32(0001047A,?), ref: 0046C78E
                                                                                                                                                                                                                              • Part of subcall function 0046C758: TranslateMessage.USER32(?), ref: 0046C79C
                                                                                                                                                                                                                              • Part of subcall function 0046C758: DispatchMessageW.USER32(?), ref: 0046C7A6
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Message$DialogDispatchItemPeekSendTranslate
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 897784432-0
                                                                                                                                                                                                                            • Opcode ID: a7120a64f480033c07f55c4478e379c7bd9ecdc1fe477124e9734786a5dd6b4d
                                                                                                                                                                                                                            • Instruction ID: c7d5b60c2358fe717fb1fd512627f247e0b59c16fde74a836916e83b62fb54a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7120a64f480033c07f55c4478e379c7bd9ecdc1fe477124e9734786a5dd6b4d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9AD09E31159200BBDA013B52CD06F1ABAE2BBD8B09F40456AB285340B186629D319B4B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045AB1C Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetFileType.KERNELBASE(000000FF,0045AA1E), ref: 0045AB28
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileType
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3081899298-0
                                                                                                                                                                                                                            • Opcode ID: 03d5bcf9835cdc481ec983a91a777415da47becdfb46b89b2d9169295234de4f
                                                                                                                                                                                                                            • Instruction ID: 86ddab37466a368699906096a9cf380bf338f136ae82fd82cfc44443392af7c8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 03d5bcf9835cdc481ec983a91a777415da47becdfb46b89b2d9169295234de4f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6C08034400105C54E300A34D84405F7723EE5337B7B497D7C664C51A3C32B9C6BE647
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F346 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 20755ceb5e3345aef0816606de0336350a8d64d73a683fe89131b01bbcd31fd7
                                                                                                                                                                                                                            • Instruction ID: 2af0b07db92c5631c68de31c68403ff8a43efc7caf26a5aee350eee780b940a0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20755ceb5e3345aef0816606de0336350a8d64d73a683fe89131b01bbcd31fd7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 20B092D26690026D2244B21D7903B3A0228C480B10730862FB440C4180E4880C4A123F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F350 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 8848a07f79dcba173ebf3cbccfb4ce7924a2c3ab095cf1de609c44721c1dce48
                                                                                                                                                                                                                            • Instruction ID: 92eedf1e533b346583085e09922633af66aae99cc548fd942ca5a64e4156f541
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8848a07f79dcba173ebf3cbccfb4ce7924a2c3ab095cf1de609c44721c1dce48
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B1B092D26691026D3244B21D7803B3A022CC480B10730852FB440C0180E4480C4A163F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F35A Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 229e27a72075fa0f52f185f0bfb5f180a4b951682d64256e347c3e29e9045a25
                                                                                                                                                                                                                            • Instruction ID: 16732b0f3d08ff482e83b8812fb082ad8989e5904e989b9370bcb04fdb633825
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 229e27a72075fa0f52f185f0bfb5f180a4b951682d64256e347c3e29e9045a25
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3B092966691026D2244B2193803B3B0228C480B14330842FF840C0180E4480C4A123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F364 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: d054aed907fbc5aa0af179b109d783d9f884b619e03dfac4ce5b1182f6fab8d3
                                                                                                                                                                                                                            • Instruction ID: c7f34b49bd2a0159f0a325ce90e7b7596a1c0545d0574733ea3f7323456f4b9b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d054aed907fbc5aa0af179b109d783d9f884b619e03dfac4ce5b1182f6fab8d3
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9B092966692027D2684B2193803B3B0268C480B10330852FB440C0180E4480C8A523B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F378 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: e10b543cb974eec8c8cc20cf24389a68b77e0f2af9aa3bb5c84013e14b35829f
                                                                                                                                                                                                                            • Instruction ID: f5dbc85cde0405cb084756b0195fe5370714a89d3738fdf9e7db33d5a63033e1
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e10b543cb974eec8c8cc20cf24389a68b77e0f2af9aa3bb5c84013e14b35829f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E3B092966691026D3244B2193803B3B022CC480B10330842FB440C0180E4480C4A123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F32B Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: b6244265cb4e627046e75933fd963cf146388d5f7cb5caf1dfe15988c97e260a
                                                                                                                                                                                                                            • Instruction ID: 80836e12ed25db481dff4937db09e7e195705e202b63536c411f0c009fb5654d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b6244265cb4e627046e75933fd963cf146388d5f7cb5caf1dfe15988c97e260a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05B092926690027E320472193807A7A022CC480B10330842FF44080080B4480C4A113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3C8 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 62577483d29cc6a22905972bc27eb2fdf3fe09095bd6bd87f429d6028cb6bd04
                                                                                                                                                                                                                            • Instruction ID: a76fd5cde099da05a42b11b73cb798957042b9305abf248bab48684ea6549fae
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 62577483d29cc6a22905972bc27eb2fdf3fe09095bd6bd87f429d6028cb6bd04
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 93B092A26690026D3244B21E3803B3A022CC480B10330842FB440C4180E4480C4A163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3DC Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: d06d7cdce713a463f4a397160d46b55b2589d12ed6879fe8e128bdb5b1dddcef
                                                                                                                                                                                                                            • Instruction ID: 45a93a25795349a695eb8579ab026a1de6b38b3bd5836cbb68ef21a3489b5b05
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d06d7cdce713a463f4a397160d46b55b2589d12ed6879fe8e128bdb5b1dddcef
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04B092A266A1027D2284B2193813B3A0228C480B10730852FB480C0180E4480C8A123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F382 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 23496595883cfacfd42eb73f679ab6e67c9739fb51fffcfaefa02e38a5b45e52
                                                                                                                                                                                                                            • Instruction ID: 5305e7c16eb329728aa4c5d8e4d6ce2969e2b1d04946fad86870853886475b3a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 23496595883cfacfd42eb73f679ab6e67c9739fb51fffcfaefa02e38a5b45e52
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 35B092926690026D2244B2193803B3A0228C480B14330C42FF840C0280E4480C4E123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F38C Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: f4e4cb40c99fa30f1a8c7ff1e9bbacf491ab08d771da24fdf73d6fded8491a63
                                                                                                                                                                                                                            • Instruction ID: 6512b6ed2473b99b3d6aa7ee2d1dca504f52e36b770864dc30d89c737f84a0cb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f4e4cb40c99fa30f1a8c7ff1e9bbacf491ab08d771da24fdf73d6fded8491a63
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9B092926691427D2284B2193803B3A0228C480B10330852FB440C0280E4480C8E123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F396 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 98a5255a7df150e4b72fb3afcedbadd993a8af347420e114a93f33937be0b2d7
                                                                                                                                                                                                                            • Instruction ID: 18204e91cee82ef90fb232bab51cf925cf64d124e161edcd05cfba8d6ceb44c5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98a5255a7df150e4b72fb3afcedbadd993a8af347420e114a93f33937be0b2d7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F3B092926690026D2244B2193903B3A0228C480B10330842FB440C4280E4980C4E123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3A0 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 44948fc8e836768eb73e0f5b3185844202ca1e848633b474476214cff9edfdcc
                                                                                                                                                                                                                            • Instruction ID: 89d73cf99eb3fcf6854263c4c4eda1cad47a7ba0b7ba3ca02f8eb4fc1f031f78
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 44948fc8e836768eb73e0f5b3185844202ca1e848633b474476214cff9edfdcc
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6FB092926690026D3244B2593803B3A032CC480B10330882FB440C0280E4480C4E123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3AA Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: a4b024bd6773172ce6c85daf3445fcc8ffe3af33654137ba2c6d70829cbec474
                                                                                                                                                                                                                            • Instruction ID: b737f74634be2f65113d33e85e203cc3adb2fffc2285a2db4d47767aa942dc5e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4b024bd6773172ce6c85daf3445fcc8ffe3af33654137ba2c6d70829cbec474
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E4B092A26690026D2244B21D3803B3A0228C880B14330842FF840C0180E4480C4A163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3BE Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: ecb8a0d96202776a964362a9a8e347d7c6027114f0f634a6b5ebf5ae398a95b4
                                                                                                                                                                                                                            • Instruction ID: 64325c4113219007cdc928e0fccacfdd51293d91b7b637f0c8bab0845d2907a3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ecb8a0d96202776a964362a9a8e347d7c6027114f0f634a6b5ebf5ae398a95b4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6BB092A26690026D2244B21D3913B3A0228C480B10330842FB440C4180E4880D4A163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F40E Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 2ec08145f36f128d66281c19577282a9d8a004c839f0563eed83e73f2d6ff844
                                                                                                                                                                                                                            • Instruction ID: 1a4d666371a594ca0a4aef995420448b196cdb8b1a91d2f0ad921788ae2f47ac
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ec08145f36f128d66281c19577282a9d8a004c839f0563eed83e73f2d6ff844
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F5B092A26690026D2644B2193903B3A02A8C480B10730842FB440C4180E4890C4A123B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F573 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: b036b68e50336464c16e3ecd2618cee864d891f243223c40de2ccd282d21a757
                                                                                                                                                                                                                            • Instruction ID: 6a5fb5d55780d4d6d56642d0c394fcaafc28c0c154f542cbaa938accea98d96e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b036b68e50336464c16e3ecd2618cee864d891f243223c40de2ccd282d21a757
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4B092C12A92007E2344B2163C03A3A0248C884B10330852BB081C1081A6484C4D013B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F57D Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 48a99f4a0c3fdd83eed652db3d7cbbd4e90389b108e05c7d81ff26e4b64de3bc
                                                                                                                                                                                                                            • Instruction ID: 12f83f0d4492d1839a8a5bfa87ecfb55c450019ef1a0728f74d0ee7dde91cd2d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 48a99f4a0c3fdd83eed652db3d7cbbd4e90389b108e05c7d81ff26e4b64de3bc
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 61B092C12A92007E2204B2163C13B3A0208C484B10330842BB081C1081A6484C09023B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F5A5 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: e0bbd4c8655053a161d75cf03ba9b79dd50e16c5442770e7c3594f8c8817a355
                                                                                                                                                                                                                            • Instruction ID: ceafe0afa4a24e71a3c17b95a9c387e8512c94920f7873495dfca419967b1a6f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e0bbd4c8655053a161d75cf03ba9b79dd50e16c5442770e7c3594f8c8817a355
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D2B092C12A91007E2204B2167C13B3A0208C484B10330862BB081C1081A6484C09013F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6D2 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: af2a816fc00d47666b4897768d7643a60230f110427dc6f04947b3a0e353e423
                                                                                                                                                                                                                            • Instruction ID: 75364ff581efb2453b1449719a4ac622732a7d38e740b637bddec441fc478abf
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: af2a816fc00d47666b4897768d7643a60230f110427dc6f04947b3a0e353e423
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9DB09281269000AD220471157803E3A0218C484B14330842BF441C60C4E4480C0E023B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F699 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 90db670794a63ee1e1fdc92456309e6551dbb997377478680b439632fd726d8b
                                                                                                                                                                                                                            • Instruction ID: 3739ebb26dff5d28cd88b639180b067bb586c61ca6cdb408a1c9450a7697b5e3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90db670794a63ee1e1fdc92456309e6551dbb997377478680b439632fd726d8b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05B0928526A0007D22043111B903A3A0208C980B14330842BF041D4081A4490C0B013F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6B4 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: f240186a05ff373481f8462493e7d2caaef217ab0993dc118b5d7f278604cd03
                                                                                                                                                                                                                            • Instruction ID: f9c736d21b168eb53aaa970de68bb503bed5fa1444d3b71121725e5fba2ae14f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f240186a05ff373481f8462493e7d2caaef217ab0993dc118b5d7f278604cd03
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 21B092812691006D224471297803A3A0208C884B14330853BF041C1184E4490C4E023B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6BE Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 4e578ea3ee56b036aca5dae459410ef68988f74d0efd196504bc7bc19380f3d9
                                                                                                                                                                                                                            • Instruction ID: 01b6e772d0cc88bd5e5b1d1eb2b5ab8993bb77590885ae9cb0a06e997947c070
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4e578ea3ee56b036aca5dae459410ef68988f74d0efd196504bc7bc19380f3d9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 14B092812690006D220471297903A3A0208C584B14330843BF141C5084A4490C0E023B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F71F Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: aead7f9de0fb0cf02fee3fd2b2b890aef1a1ed52671411d109c5b54e0727d8ae
                                                                                                                                                                                                                            • Instruction ID: 17858c3d523af04656ecc7b54f55d709de52c8d6fc2838012dd81dd9731ead3a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aead7f9de0fb0cf02fee3fd2b2b890aef1a1ed52671411d109c5b54e0727d8ae
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EDB092C16691006D220871593903B3A0208D890B11330883BF840C4084E4880D4A113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F733 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 7083ea3a78bc9263edd7c523ee06a5270458c2cc2884ef2531a217ca759f65dd
                                                                                                                                                                                                                            • Instruction ID: 0321056499e696463423a90d1a5d637a0946bb604c1fdf2f74af30be4fc1eaeb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7083ea3a78bc9263edd7c523ee06a5270458c2cc2884ef2531a217ca759f65dd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AB092C16692007D228871593C03B3A0208C880B11330892BF840C0080E4480C89113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F73D Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 31a736025b4388e40ea52e6caf2beda051453c241b4e92bd3eac7b8f0c201cde
                                                                                                                                                                                                                            • Instruction ID: 9daced9c843424166a23c911ffe6d85934c7d2612180fb445cddc2aa9e783049
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 31a736025b4388e40ea52e6caf2beda051453c241b4e92bd3eac7b8f0c201cde
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75B092C16691007D220871593803B3A0208C880B15330882BF840C5084E4480C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F373 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 611ea00143be87b88bd83ba5f4fd481a8e000f3592930c5e654bb002ef0d4bd2
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 611ea00143be87b88bd83ba5f4fd481a8e000f3592930c5e654bb002ef0d4bd2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3D7 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 623cf2656be556e1ceff149724162763423854ede36db1f2c1487c3ba756da89
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 623cf2656be556e1ceff149724162763423854ede36db1f2c1487c3ba756da89
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3EB Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: d85d3c0fedb3f7a38a2558869141b18383c73e45b5e3de518870d42aa810bfcf
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d85d3c0fedb3f7a38a2558869141b18383c73e45b5e3de518870d42aa810bfcf
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3F5 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 41bf1553cb37c9c1cab88ff132c963b6d6a2d3cce7e1c8f83ee7e3a7aef0e431
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41bf1553cb37c9c1cab88ff132c963b6d6a2d3cce7e1c8f83ee7e3a7aef0e431
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3FF Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: d24387b1ce256959a9baac253dac42561567166741d4fa1b3987ca0e73911091
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d24387b1ce256959a9baac253dac42561567166741d4fa1b3987ca0e73911091
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F3B9 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: e59f1ba1b203f91d0ee7562b077410bf5c9c3e48f7546f99b9fb5afe53654cb6
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e59f1ba1b203f91d0ee7562b077410bf5c9c3e48f7546f99b9fb5afe53654cb6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F409 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 8976fd6f411c30c22b7f535cbafa848a9f8284c743957bc351b6462f2414a7b0
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8976fd6f411c30c22b7f535cbafa848a9f8284c743957bc351b6462f2414a7b0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F41D Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 4537a6e55fd056d248ad754b63e293600d179558e70b7234d4723a2740b7a62b
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4537a6e55fd056d248ad754b63e293600d179558e70b7234d4723a2740b7a62b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F427 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: a910e7fbb491c6c90813adfd1bafe100fff64b8e869d576c3b354155b91d1e77
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a910e7fbb491c6c90813adfd1bafe100fff64b8e869d576c3b354155b91d1e77
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F431 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F33D
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 1b64fd015fc524e95f99700790fd93f8da16644f94c1f4910d439f49da7990bf
                                                                                                                                                                                                                            • Instruction ID: 496f24762b8ad2a3d52b3840b034a88d0aa11d95dd12bbba36442008b8c98381
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1b64fd015fc524e95f99700790fd93f8da16644f94c1f4910d439f49da7990bf
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BA002D65691437D354472557D17D3B032CC4C4B55730492FF45184185B4481C4E553B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F549 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: e84c6e6c32dc763faa0f2b0abcc651bba78f0f8b97ad06f550d7db523e2c7603
                                                                                                                                                                                                                            • Instruction ID: e4b6ba32bb34eda17a3512a16c4e03efa7b6244e75d7335f09967a8d714e6f6b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e84c6e6c32dc763faa0f2b0abcc651bba78f0f8b97ad06f550d7db523e2c7603
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73A001D66AA2157E3208BA627E17E3B021DC8C4B65330892FF49295086BA885D4E113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F564 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: eda766ef9c7fd538e15fd3272a71dea22bc94390570cc924e2471fccdb2726cc
                                                                                                                                                                                                                            • Instruction ID: c5474792f152a2e0c3e6f0570646c9cf988980d81e9768063c73abf319b17425
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eda766ef9c7fd538e15fd3272a71dea22bc94390570cc924e2471fccdb2726cc
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAA002D55A91117E320476527D17D3B021CC4C4B55330492FF4928508575485C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F56E Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 38411454058368aaaccb3693131ee04bc265774d61ed6b305c1bb634137edca9
                                                                                                                                                                                                                            • Instruction ID: c5474792f152a2e0c3e6f0570646c9cf988980d81e9768063c73abf319b17425
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 38411454058368aaaccb3693131ee04bc265774d61ed6b305c1bb634137edca9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAA002D55A91117E320476527D17D3B021CC4C4B55330492FF4928508575485C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F58C Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 5737c13d4bfd0e264f430eec1ec553daa5f56e70fccf1d007cd2f2aa4013176c
                                                                                                                                                                                                                            • Instruction ID: c5474792f152a2e0c3e6f0570646c9cf988980d81e9768063c73abf319b17425
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5737c13d4bfd0e264f430eec1ec553daa5f56e70fccf1d007cd2f2aa4013176c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAA002D55A91117E320476527D17D3B021CC4C4B55330492FF4928508575485C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F596 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 53c53115087e49b1228615ce8d696f395be5a3bedc67043714bf4e95ed14c247
                                                                                                                                                                                                                            • Instruction ID: c5474792f152a2e0c3e6f0570646c9cf988980d81e9768063c73abf319b17425
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 53c53115087e49b1228615ce8d696f395be5a3bedc67043714bf4e95ed14c247
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAA002D55A91117E320476527D17D3B021CC4C4B55330492FF4928508575485C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F5A0 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F556
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 238562800aa118df572937bc00ffb9e088a0b8ae26f74ee9406116164792503e
                                                                                                                                                                                                                            • Instruction ID: c5474792f152a2e0c3e6f0570646c9cf988980d81e9768063c73abf319b17425
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 238562800aa118df572937bc00ffb9e088a0b8ae26f74ee9406116164792503e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAA002D55A91117E320476527D17D3B021CC4C4B55330492FF4928508575485C4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6CD Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 82d68a1e346d5a1059548b677e4085d7b622086c8d30df4c81047bb6d0f8b154
                                                                                                                                                                                                                            • Instruction ID: 5a01aaa110774d45fdd467055c5d1c0718d3a3d65088424ffff9d2a343bee4a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 82d68a1e346d5a1059548b677e4085d7b622086c8d30df4c81047bb6d0f8b154
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E2A001D66BA102BD32087262BD17E3B021CC8C8BA9330892FF492D50D5B8891C5E163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6E1 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: f27f8e02a7c1ba128a0f4c7784ba7aa0ebf59032b63cdc4db6ce99aa54e5cfdb
                                                                                                                                                                                                                            • Instruction ID: 5a01aaa110774d45fdd467055c5d1c0718d3a3d65088424ffff9d2a343bee4a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f27f8e02a7c1ba128a0f4c7784ba7aa0ebf59032b63cdc4db6ce99aa54e5cfdb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E2A001D66BA102BD32087262BD17E3B021CC8C8BA9330892FF492D50D5B8891C5E163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6EB Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 27204d9f8081c636189d0a27cdfdf8351b0ce19ef07c4d0d5599f07cf7fe90e7
                                                                                                                                                                                                                            • Instruction ID: 5a01aaa110774d45fdd467055c5d1c0718d3a3d65088424ffff9d2a343bee4a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27204d9f8081c636189d0a27cdfdf8351b0ce19ef07c4d0d5599f07cf7fe90e7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E2A001D66BA102BD32087262BD17E3B021CC8C8BA9330892FF492D50D5B8891C5E163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6F5 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F6AB
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 5d01312046d620d1a4860f1885f1a624a6c749a638ece8e7a3a09611db14ba6b
                                                                                                                                                                                                                            • Instruction ID: 5a01aaa110774d45fdd467055c5d1c0718d3a3d65088424ffff9d2a343bee4a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5d01312046d620d1a4860f1885f1a624a6c749a638ece8e7a3a09611db14ba6b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E2A001D66BA102BD32087262BD17E3B021CC8C8BA9330892FF492D50D5B8891C5E163B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F6FF Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: 0f6f8d93b45d3b977c8c7d5819927751631843b92173e96b15631d376524aa94
                                                                                                                                                                                                                            • Instruction ID: 45d8a4e7b6bf13bb024dbaa3677d60d84737a0ee170eb4e638e942441b9252d3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f6f8d93b45d3b977c8c7d5819927751631843b92173e96b15631d376524aa94
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2DA002D55651017D310875517D57D3B121CD8D0B25330492FF85194085B4481D4D113B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F71A Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: e90ab71c23b4a94a29272583a39edd4035e267243d82a38291729398759f7306
                                                                                                                                                                                                                            • Instruction ID: a4b2d7d5da7a5dccaf4bc2f106ce8204e9c6b851e5454f4a61bfff1077459204
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e90ab71c23b4a94a29272583a39edd4035e267243d82a38291729398759f7306
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05A001D66AA202BD320876A27D57E3B121CD8D4B663308D2FF89284085B8881D8E213B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F72E Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___delayLoadHelper2@8.DELAYIMP ref: 0046F70C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: DloadReleaseSectionWriteAccess.DELAYIMP ref: 0046FA5C
                                                                                                                                                                                                                              • Part of subcall function 0046F9E9: RaiseException.KERNEL32(C06D0057,00000000,00000001,?), ref: 0046FA6D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AccessDloadExceptionHelper2@8LoadRaiseReleaseSectionWrite___delay
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1269201914-0
                                                                                                                                                                                                                            • Opcode ID: b5ec31a0f87a4fcb178dd306f7c24733d249497412df6bf58d1e7dd955e8c0c4
                                                                                                                                                                                                                            • Instruction ID: a4b2d7d5da7a5dccaf4bc2f106ce8204e9c6b851e5454f4a61bfff1077459204
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5ec31a0f87a4fcb178dd306f7c24733d249497412df6bf58d1e7dd955e8c0c4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05A001D66AA202BD320876A27D57E3B121CD8D4B663308D2FF89284085B8881D8E213B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B199 Relevance: 1.5, APIs: 1, Instructions: 7fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetEndOfFile.KERNELBASE(?,0045A083,?,?,-000018C0,?,-00002908,00000000,-00000880,?,00000000,?,?,00000000,0045922F,-00008BE0), ref: 0045B19C
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 749574446-0
                                                                                                                                                                                                                            • Opcode ID: c0fbdded5451ce7d0a381280c7960d690015617c7c14332151748a3f4b2bcf3c
                                                                                                                                                                                                                            • Instruction ID: c18d1e039938b35863c2bb464b5edaad07d56502f47bc599eac98d812e34d015
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c0fbdded5451ce7d0a381280c7960d690015617c7c14332151748a3f4b2bcf3c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39A0123004000A868D001730D90400D3710E7527C031105A85006CA061C71244078700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                            Function 0046D420 Relevance: 33.5, APIs: 17, Strings: 2, Instructions: 233windowfileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(?,00000066,00000171,00000000,00000000), ref: 0046D4B1
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000006), ref: 0046D4C4
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,0000006C), ref: 0046D4E0
                                                                                                                                                                                                                            • SetFocus.USER32(00000000), ref: 0046D4E7
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000065,?), ref: 0046D521
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(?,00000066,00000170,?,00000000), ref: 0046D558
                                                                                                                                                                                                                            • FindFirstFileW.KERNEL32(?,?), ref: 0046D56E
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: FileTimeToSystemTime.KERNEL32(?,?), ref: 0046BC3F
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 0046BC50
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: SystemTimeToFileTime.KERNEL32(?,?), ref: 0046BC5E
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: FileTimeToSystemTime.KERNEL32(?,?), ref: 0046BC6C
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: GetDateFormatW.KERNEL32(00000400,00000000,?,00000000,?,00000032), ref: 0046BC87
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: GetTimeFormatW.KERNEL32(00000400,?,?,00000000,?,00000032), ref: 0046BCAE
                                                                                                                                                                                                                              • Part of subcall function 0046BC2B: _swprintf.LIBCMT ref: 0046BCD4
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046D5B7
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,0000006A,?), ref: 0046D5CA
                                                                                                                                                                                                                            • FindClose.KERNEL32(00000000), ref: 0046D5D1
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046D620
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000068,?), ref: 0046D633
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(?,00000067,00000170,?,00000000), ref: 0046D650
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046D683
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,0000006B,?), ref: 0046D696
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046D6E0
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000069,?), ref: 0046D6F3
                                                                                                                                                                                                                              • Part of subcall function 0046C093: GetLocaleInfoW.KERNEL32(00000400,0000000F,?,00000064), ref: 0046C0B9
                                                                                                                                                                                                                              • Part of subcall function 0046C093: GetNumberFormatW.KERNEL32(00000400,00000000,?,0049072C,?,?), ref: 0046C108
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Item$Time$Text$_swprintf$FileSystem$FormatMessageSend$Find$CloseDateDialogFirstFocusInfoLocalLocaleNumberSpecificWindow__vswprintf_c_l
                                                                                                                                                                                                                            • String ID: %s %s$REPLACEFILEDLG
                                                                                                                                                                                                                            • API String ID: 3464475507-439456425
                                                                                                                                                                                                                            • Opcode ID: 79f35d117bec108a095fa6daa54417d6d178ca05fa1fdb1940eebb61ba8c43e3
                                                                                                                                                                                                                            • Instruction ID: baf171801224d07f70c9b86aad62cf21b45a01ece2229eca38ed23f66f728349
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 79f35d117bec108a095fa6daa54417d6d178ca05fa1fdb1940eebb61ba8c43e3
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB71ED71E083047BD231AB64DC49FFF779CEB85705F04092AF649D2191EA799904876B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00457AAF Relevance: 28.3, APIs: 12, Strings: 4, Instructions: 337fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 00457AB4
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00457B1D
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00457B8E
                                                                                                                                                                                                                              • Part of subcall function 00458704: GetCurrentProcess.KERNEL32(00000020,?), ref: 00458713
                                                                                                                                                                                                                              • Part of subcall function 00458704: GetLastError.KERNEL32 ref: 00458759
                                                                                                                                                                                                                              • Part of subcall function 00458704: CloseHandle.KERNEL32(?), ref: 00458768
                                                                                                                                                                                                                              • Part of subcall function 0045B470: DeleteFileW.KERNELBASE(?,00000000,?,0045A438,?,?,?,?,0045892B,?,?,?,0048380F,000000FF), ref: 0045B481
                                                                                                                                                                                                                              • Part of subcall function 0045B470: DeleteFileW.KERNEL32(?,?,?,00000800,?,0045A438,?,?,?,?,0045892B,?,?,?,0048380F,000000FF), ref: 0045B4AF
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,40000000,00000000,00000000,00000001,00000080,00000000,?,?,00000001,?), ref: 00457C43
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000), ref: 00457C5F
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,C0000000,00000000,00000000,00000003,02200000,00000000), ref: 00457DAB
                                                                                                                                                                                                                              • Part of subcall function 0045B032: FlushFileBuffers.KERNEL32(?,?,?,?,?,?,00457ED0,?,?,?,00000000), ref: 0045B04C
                                                                                                                                                                                                                              • Part of subcall function 0045B032: SetFileTime.KERNELBASE(?,?,?,?), ref: 0045B100
                                                                                                                                                                                                                              • Part of subcall function 0045A880: FindCloseChangeNotification.KERNELBASE(000000FF,?,?,0045A83D,?,?,?,?,?,0048380F,000000FF), ref: 0045A89B
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B8FA
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B92B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Close$AttributesCreateDeleteHandle_wcslen$BuffersChangeCurrentErrorFindFlushH_prologLastNotificationProcessTime
                                                                                                                                                                                                                            • String ID: SeCreateSymbolicLinkPrivilege$SeRestorePrivilege$UNC\$\??\
                                                                                                                                                                                                                            • API String ID: 2821348736-3508440684
                                                                                                                                                                                                                            • Opcode ID: 973203efed7f351d3b38cf1300ef52009f3345f7ec09f9601173b402c9088999
                                                                                                                                                                                                                            • Instruction ID: 1dfca3eb0c2a198f7e71a8c4b7b2843cd2a7daafab79edbf1ccb95446bffe7f7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 973203efed7f351d3b38cf1300ef52009f3345f7ec09f9601173b402c9088999
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DCC10A71904205AADB21DB64DC86FEF77ACAF04319F00456FF945E7243D738AA48CBA9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047EAAE Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1381COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __floor_pentium4
                                                                                                                                                                                                                            • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                                            • API String ID: 4168288129-2761157908
                                                                                                                                                                                                                            • Opcode ID: 30532b0be9d11ff5be2f9ceefbe09379ca4a3709c1140181ea651f844ff6dabd
                                                                                                                                                                                                                            • Instruction ID: 333b2a7e0f58cc0630ca371d07d2acfcf192b4c056b0cd4e8c064eb29060ad70
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 30532b0be9d11ff5be2f9ceefbe09379ca4a3709c1140181ea651f844ff6dabd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AAC25A71E086288FDB25CE28DD407EAB7B5EB48304F1585EBD80DE7241E778AE858F45
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045395A Relevance: 9.4, APIs: 2, Strings: 3, Instructions: 666COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog_swprintf
                                                                                                                                                                                                                            • String ID: CMT$h%u$hc%u
                                                                                                                                                                                                                            • API String ID: 146138363-3282847064
                                                                                                                                                                                                                            • Opcode ID: 22b70247c2fa7f978aa49205b2f9d92a8acd0496f3d43f88fdce4c68b4a53dd9
                                                                                                                                                                                                                            • Instruction ID: e58d1176fb6860d1e86a8051ea8646497d6e6c883292cf4b2050993c0bbb03f0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 22b70247c2fa7f978aa49205b2f9d92a8acd0496f3d43f88fdce4c68b4a53dd9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D942E4716002449BDF24DF35C881ADA3BA5AF55349F04447FFC468B283EB78AA8DCB65
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00452EB6 Relevance: 7.8, APIs: 3, Strings: 1, Instructions: 804COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 00452EBF
                                                                                                                                                                                                                            • _strlen.LIBCMT ref: 0045348B
                                                                                                                                                                                                                              • Part of subcall function 00461600: __EH_prolog.LIBCMT ref: 00461605
                                                                                                                                                                                                                              • Part of subcall function 00462ED2: MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,?,?,?,?,?,0045CF18,00000000,?,?), ref: 00462EEE
                                                                                                                                                                                                                            • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004535DD
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog$ByteCharMultiUnothrow_t@std@@@Wide__ehfuncinfo$??2@_strlen
                                                                                                                                                                                                                            • String ID: CMT
                                                                                                                                                                                                                            • API String ID: 1206968400-2756464174
                                                                                                                                                                                                                            • Opcode ID: 863d1fdecdf9be7dfb02df0c114e0efa398395b7f760e84f4fb1103fdb9dfc07
                                                                                                                                                                                                                            • Instruction ID: 2a09c63c46a34e2a8ceebef9e66e69ad7f557c68a5f5ff7086eb1963d1f53a1c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 863d1fdecdf9be7dfb02df0c114e0efa398395b7f760e84f4fb1103fdb9dfc07
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 216225725002848BCB29DF39C8816EA3BA1AF15346F08457FFC5A8B383D7789A49CB15
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00470A0A Relevance: 6.1, APIs: 4, Instructions: 73COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00470A16
                                                                                                                                                                                                                            • IsDebuggerPresent.KERNEL32 ref: 00470AE2
                                                                                                                                                                                                                            • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00470B02
                                                                                                                                                                                                                            • UnhandledExceptionFilter.KERNEL32(?), ref: 00470B0C
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 254469556-0
                                                                                                                                                                                                                            • Opcode ID: 0195673184cc4287261399591a2e2d9941945d5e001ffbe3e68b622514fe8781
                                                                                                                                                                                                                            • Instruction ID: 471f56e75fe22da479347de772db4cd6f745ae5d1fdbf781bca0f0305614a10c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0195673184cc4287261399591a2e2d9941945d5e001ffbe3e68b622514fe8781
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 99313A75D01219DBDB21DFA4DD89BCDBBB8AF08304F1041AAE40CAB250EB755A84CF48
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F82F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • VirtualQuery.KERNEL32(80000000,0046F774,0000001C,0046F969,00000000,?,?,?,?,?,?,?,0046F774,00000004,004B3D24,0046F9F9), ref: 0046F840
                                                                                                                                                                                                                            • GetSystemInfo.KERNEL32(?,?,00000000,?,?,?,?,0046F774,00000004,004B3D24,0046F9F9), ref: 0046F85B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: InfoQuerySystemVirtual
                                                                                                                                                                                                                            • String ID: D
                                                                                                                                                                                                                            • API String ID: 401686933-2746444292
                                                                                                                                                                                                                            • Opcode ID: e4db42e46dd4fe5ade83bf01701e33560f783393efdbca0f1bf963609d251bc7
                                                                                                                                                                                                                            • Instruction ID: 86b4fbfd3affbb621b01e81c051ace160724c6507aba0c4a6443487f348ece23
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e4db42e46dd4fe5ade83bf01701e33560f783393efdbca0f1bf963609d251bc7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9501F732A001096BCB14EE29DC09BDE7BE9AFD4324F0CC275AD59D7254E738D9058684
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00474FEF Relevance: 4.6, APIs: 3, Instructions: 78COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00000000), ref: 004750E7
                                                                                                                                                                                                                            • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 004750F1
                                                                                                                                                                                                                            • UnhandledExceptionFilter.KERNEL32(-00000325,?,?,?,?,?,00000000), ref: 004750FE
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3906539128-0
                                                                                                                                                                                                                            • Opcode ID: 75fdf365025d37e508d22ebfc93175eb5b63e092bb1cab81e131fa782e14b143
                                                                                                                                                                                                                            • Instruction ID: e2bf5a7a11cbe40c8d55bf16b95d9820e05b0174fe7c7b2c0005e25ea9b2257e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 75fdf365025d37e508d22ebfc93175eb5b63e092bb1cab81e131fa782e14b143
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F931B6759112199BCB21DF65DC89BCDB7B4EF18310F5046EAE40CA7251E7749F818F48
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047E600 Relevance: 3.5, APIs: 2, Instructions: 464COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: d08e2bcb8369247a90beecc4ac2937ecc20121a35f50d3dd5c946701bfc99d8e
                                                                                                                                                                                                                            • Instruction ID: 6cff8df460c98bc8c65295c4889049b7c831e0e404cb7bc7b79aa800e583e04a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d08e2bcb8369247a90beecc4ac2937ecc20121a35f50d3dd5c946701bfc99d8e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F1022D71E002199BDF14CFAAC9806EEB7F5FF48314F1582AAD919E7381D735A9418B84
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C093 Relevance: 3.0, APIs: 2, Instructions: 45COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000400,0000000F,?,00000064), ref: 0046C0B9
                                                                                                                                                                                                                            • GetNumberFormatW.KERNEL32(00000400,00000000,?,0049072C,?,?), ref: 0046C108
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FormatInfoLocaleNumber
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2169056816-0
                                                                                                                                                                                                                            • Opcode ID: 41b0364a5f4dc6ec17f4a4ddbe2bb1b6b8b3287c305977fa8a1dd96f1799442f
                                                                                                                                                                                                                            • Instruction ID: c665c1eabc0daa80e5b6a8e4c957dca9770750bdf2f88d687c19d1dbe048b447
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41b0364a5f4dc6ec17f4a4ddbe2bb1b6b8b3287c305977fa8a1dd96f1799442f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26015E36140208AFD7108BA4EC89F9A7BBCEF58710F508437BA0497160E374A915CBA9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00457727 Relevance: 3.0, APIs: 2, Instructions: 16windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLastError.KERNEL32(00457886,?,00000400), ref: 00457727
                                                                                                                                                                                                                            • FormatMessageW.KERNEL32(00001200,00000000,00000000,00000400,?,?,00000000), ref: 00457748
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorFormatLastMessage
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3479602957-0
                                                                                                                                                                                                                            • Opcode ID: 8767e927accf96c73eb0793819b1b0d5d5a8cd55fabf41ae32a0d8bbc349b010
                                                                                                                                                                                                                            • Instruction ID: 0f0450dbc727755da7b8feb97d917da5a7d19685e80df3ba22c9dd42cc6c6137
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8767e927accf96c73eb0793819b1b0d5d5a8cd55fabf41ae32a0d8bbc349b010
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 34D0A731348301BFF6001B307C46F1F37997B45B42F10C4287704D40E1D674A014A71D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00482BB4 Relevance: 1.8, APIs: 1, Instructions: 269COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • RaiseException.KERNEL32(C000000D,00000000,00000001,?,?,00000008,?,?,00482BAF,?,?,00000008,?,?,0048284F,00000000), ref: 00482DE1
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionRaise
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3997070919-0
                                                                                                                                                                                                                            • Opcode ID: a5d25a4c7b1c39388629c920c6ac6fe81ff09d719516bfe6f30f547085fb8b1d
                                                                                                                                                                                                                            • Instruction ID: 68d871deebf65a598b14d2897b4e9f1ee4efcd36acdad53f5a613dccfd7c320d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5d25a4c7b1c39388629c920c6ac6fe81ff09d719516bfe6f30f547085fb8b1d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 07B17C311106089FD715DF28C58AB697BE0FF45324F258A59E8DACF3A1C379E982CB48
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00470826 Relevance: 1.6, APIs: 1, Instructions: 147COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 0047083C
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FeaturePresentProcessor
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2325560087-0
                                                                                                                                                                                                                            • Opcode ID: f6bf7da131dd3c0bbf9efe0e2eade00af609f839a6a8417a3a5ed44a1df7b969
                                                                                                                                                                                                                            • Instruction ID: 39e4b23e2d43b58b9a9723c658e25c0d2f21c09d0180c115398a20535f40c462
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f6bf7da131dd3c0bbf9efe0e2eade00af609f839a6a8417a3a5ed44a1df7b969
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DC514AB1A01205CFEB14CF59D8856AEBBF4FB48314F25866BD509EB361D378A940CF94
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045C365 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetVersionExW.KERNEL32(?), ref: 0045C388
                                                                                                                                                                                                                              • Part of subcall function 0045C3F7: __EH_prolog.LIBCMT ref: 0045C3FC
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prologVersion
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1836448879-0
                                                                                                                                                                                                                            • Opcode ID: b18c1eb570ac46b74151f1c50a7c9425214eac7f1ca16dbb20ad4105ef618c17
                                                                                                                                                                                                                            • Instruction ID: 090dc97e707ba3b53e49dedbcf519124e781861be98ab44b042e12f6e16e5afa
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b18c1eb570ac46b74151f1c50a7c9425214eac7f1ca16dbb20ad4105ef618c17
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D6F05E3050438C8FDF25DB20A84A3D93BA44B2230FF0484E7CD5052293C2B9968DDB7E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00454A8E Relevance: 1.5, Strings: 1, Instructions: 276COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: gj
                                                                                                                                                                                                                            • API String ID: 0-4203073231
                                                                                                                                                                                                                            • Opcode ID: 7f1f75d514aeaabf5724a3307b90c7cde44eee00cb919cfa5b83d1b0382bf323
                                                                                                                                                                                                                            • Instruction ID: d7d78f83ea3a35b89d2379812f5bf3104f2465366a9bcad1a6a37c95e489d6ef
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f1f75d514aeaabf5724a3307b90c7cde44eee00cb919cfa5b83d1b0382bf323
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CEC148B2A083518FC354CF29D88065AFBE1BFC9308F19892EE998D7301D334A955CB96
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00470B9D Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SetUnhandledExceptionFilter.KERNEL32(Function_00020BB0,00470605), ref: 00470BA2
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3192549508-0
                                                                                                                                                                                                                            • Opcode ID: 4953ee00170576f852542e2e08b885e0dd5d9b7ac8d0ae426725bde77179d318
                                                                                                                                                                                                                            • Instruction ID: c82d5a2a1cb00ca7a9a5d20fb704dac308622879cca9ff29e03522f49d2e7dca
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4953ee00170576f852542e2e08b885e0dd5d9b7ac8d0ae426725bde77179d318
                                                                                                                                                                                                                            • Instruction Fuzzy Hash:
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047D1F0 Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: HeapProcess
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 54951025-0
                                                                                                                                                                                                                            • Opcode ID: 86fdbeb3c1982862a8a8cf2528e3ef1b14e5e4d7852b99e91ae5c8b1ba3ab527
                                                                                                                                                                                                                            • Instruction ID: 2b09e0ad3ca2f25fb4c2fab92788220dccc69cb31e783665daae012d854f2a8c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 86fdbeb3c1982862a8a8cf2528e3ef1b14e5e4d7852b99e91ae5c8b1ba3ab527
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EBA011302022028B83008FB2AA0C30C3AA8AA822803008038A008C0220EB2080A08B0A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046742E Relevance: .8, Instructions: 807COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: bb440c3f38b3e305fdd1d836c2b9e59251265d1cf162b7c6ca201f408ca991ce
                                                                                                                                                                                                                            • Instruction ID: 08c106eb478011c1ec19abe07978582eac5baed3ba2a010853741dc8bdf487df
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb440c3f38b3e305fdd1d836c2b9e59251265d1cf162b7c6ca201f408ca991ce
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4F623B706087859FCB29CF38C5906F97BE1AF95308F14856ED8DB8B342E738A949C716
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004688AF Relevance: .8, Instructions: 781COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: b65a91e4e366914e0141f10d5f4ffaf8e7de368edfeaa8d3252b84b140085dc5
                                                                                                                                                                                                                            • Instruction ID: 2c92893c85ff28f093d6960019a3b0591556db692bfd87de03971861841da9ee
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b65a91e4e366914e0141f10d5f4ffaf8e7de368edfeaa8d3252b84b140085dc5
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AC62F6716043459FCB18CF28C5905B9BBE1BF95304F08866EEC998B346E738ED45CB9A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004607A7 Relevance: .7, Instructions: 694COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: a62c15b85c617ebd307b2c0f60e6839fba4416d489f0088c2584b05da129add6
                                                                                                                                                                                                                            • Instruction ID: 4f7c0a93b3f60dd0b4e5329c99f42ffdeaa33d795affaf76f763ab3540c6f97e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a62c15b85c617ebd307b2c0f60e6839fba4416d489f0088c2584b05da129add6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA524972A187018FC718CF19C891A6AF7E1FFCC304F498A2DE5959B255D334EA19CB86
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00468253 Relevance: .5, Instructions: 528COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 76c57c5f25971ba96dcba7949e8c7b22efc65ab884c5406b2b8a3cf339dc6858
                                                                                                                                                                                                                            • Instruction ID: 9609abe67443ff51ec2fb55801dd594a863cbbe231fb5f68fd410b1bfe2106f4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76c57c5f25971ba96dcba7949e8c7b22efc65ab884c5406b2b8a3cf339dc6858
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D12E9716047068FC728CF28C590779B7E0FB55308F148A2EE997C7681EB78E995CB4A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045D833 Relevance: .5, Instructions: 454COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 44b48fcf836282bb227db8748d238e8453bb92abdce8e6b634421ff5ccd8b426
                                                                                                                                                                                                                            • Instruction ID: 108041335adc8710d7ed0c0b24a8c48e6d923b1a137330b42b9e174e3ddad736
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 44b48fcf836282bb227db8748d238e8453bb92abdce8e6b634421ff5ccd8b426
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06F1AD71A083018FC725CF29C58462BBBF5EFC9319F144A2EF88597352D639E949CB4A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045FCCC Relevance: .3, Instructions: 320COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 76ada695f2acd14673e7bdc4df0fe689dc3b30a71590fc615dbf8bff68990d61
                                                                                                                                                                                                                            • Instruction ID: 2a0aa20d5d77b22a33dd4e3479c8f47cfab26cad0b530cf69908f87a3b847065
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76ada695f2acd14673e7bdc4df0fe689dc3b30a71590fc615dbf8bff68990d61
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04E14B755183908FC304CF19D48056BBBF0BB9A300F4A496EF9D487352D735EA19DBAA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00465282 Relevance: .3, Instructions: 270COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 0f0edab4168543933933ff689e1c5ce6e4651b3ff7a49b2e079af6b74ce182af
                                                                                                                                                                                                                            • Instruction ID: 45acf38c27580c1d4978807b1c8d59adab38c12ccef76fe34a958f6dd7455f70
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f0edab4168543933933ff689e1c5ce6e4651b3ff7a49b2e079af6b74ce182af
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F09144B0200B059BDB24EE24D895BBA7795EB91304F10092FE99787382FF6C9589C75F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004655B0 Relevance: .2, Instructions: 243COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 931725267d3afae2a79d0ebb937372447d19929da5c01f319e552610ee085862
                                                                                                                                                                                                                            • Instruction ID: 6e507f7dbc54dca5a7d4d496b9cc0cac48236a4503a4136b1a60003dad550149
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 931725267d3afae2a79d0ebb937372447d19929da5c01f319e552610ee085862
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9D8129713047459BEB25DE29C8C1BBE37D5DB91308F10092FE9C68B282EA6C9885C75F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004764D7 Relevance: .2, Instructions: 237COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 86c941e240f950a1617cb489d62dd4fa4b4bad2085fd01dda234c4ffa75e3fb9
                                                                                                                                                                                                                            • Instruction ID: 545e6346baec62b0d5cea993e6e8464463c33fb80abdc3e79fc4a903654c47a5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 86c941e240f950a1617cb489d62dd4fa4b4bad2085fd01dda234c4ffa75e3fb9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84616AB1200F0476DE384A29A955BFF339B9B00748F92C51FE84EDB389D61DDD42A25E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004762A8 Relevance: .2, Instructions: 214COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 5deea3b29f66a918188f7a75532971316276c2599c24e1ebb0fa75850081f94e
                                                                                                                                                                                                                            • Instruction ID: de89bca1cbd1a26869e32255329bb3528c6078e92d77f1c84cfac4161d94ff17
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5deea3b29f66a918188f7a75532971316276c2599c24e1ebb0fa75850081f94e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8513220600E489ADB38596885557FF239B9B12304F1AC95FEC8EDB383C61DEE06C35E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004602F7 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 4c345ce32e1cf5a694a128f2dbb88f24af8d596df773ee1d7d8ef0116cd65a97
                                                                                                                                                                                                                            • Instruction ID: ec337e893832b08f34387f2a21ce616fb91d2c9fdb2a8ad0be056ed6b99996b7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4c345ce32e1cf5a694a128f2dbb88f24af8d596df773ee1d7d8ef0116cd65a97
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9251F6315083D54FC712CF39C18056FBFE0AE9A318F49099EE9D95B242E234DA8ACB57
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004613FD Relevance: .1, Instructions: 141COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 7fa019513ae9596aeb67ab3b22e58393d1f6ba72e8b05a2680fbb02a3959c13a
                                                                                                                                                                                                                            • Instruction ID: 8e710d252854d0ee09b32b73b7743631f7e402ca2c065c68838f60aaf0cfe168
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7fa019513ae9596aeb67ab3b22e58393d1f6ba72e8b05a2680fbb02a3959c13a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E751D0B1A087119FC748CF29D48055AF7E1FF88314F058A2EE899E3750DB34E959CB9A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00465011 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                            • Opcode ID: 74cd97078976d413443546a5e6f1c41999260f7e4caf4087a6071dd61f1d0527
                                                                                                                                                                                                                            • Instruction ID: 93261e48eb74535168f12c7272da851b76f8ae9436e60bd6a6edcf172214f3d2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 74cd97078976d413443546a5e6f1c41999260f7e4caf4087a6071dd61f1d0527
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B31F6B1604B068FC714DF29C8512AABBD0FB95304F10492EE8D5C7742D739E90ACB96
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045F608 Relevance: 26.5, APIs: 12, Strings: 3, Instructions: 234COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0045F62E
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                              • Part of subcall function 004630F5: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,?,00000000,00000000,?,00493070,?,0045EC48,00000000,?,00000050,00493070), ref: 00463112
                                                                                                                                                                                                                            • _strlen.LIBCMT ref: 0045F64F
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00490274,?), ref: 0045F6AF
                                                                                                                                                                                                                            • GetWindowRect.USER32(?,?), ref: 0045F6E9
                                                                                                                                                                                                                            • GetClientRect.USER32(?,?), ref: 0045F6F5
                                                                                                                                                                                                                            • GetWindowLongW.USER32(?,000000F0), ref: 0045F795
                                                                                                                                                                                                                            • GetWindowRect.USER32(?,?), ref: 0045F7C2
                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,?), ref: 0045F7FB
                                                                                                                                                                                                                            • GetSystemMetrics.USER32(00000008), ref: 0045F803
                                                                                                                                                                                                                            • GetWindow.USER32(?,00000005), ref: 0045F80E
                                                                                                                                                                                                                            • GetWindowRect.USER32(00000000,?), ref: 0045F83B
                                                                                                                                                                                                                            • GetWindow.USER32(00000000,00000002), ref: 0045F8AD
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Window$Rect$Text$ByteCharClientItemLongMetricsMultiSystemWide__vswprintf_c_l_strlen_swprintf
                                                                                                                                                                                                                            • String ID: $%s:$CAPTION$d
                                                                                                                                                                                                                            • API String ID: 2407758923-2512411981
                                                                                                                                                                                                                            • Opcode ID: 632b504cbfa68fe0cb38fb5fff63e584596d20c0a86fee33c9f11ec4ed396374
                                                                                                                                                                                                                            • Instruction ID: d9dcc8f7addec87ddccfe6ffbc54d1e2efc61d32c780d40302616910723d490c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 632b504cbfa68fe0cb38fb5fff63e584596d20c0a86fee33c9f11ec4ed396374
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD81A072508301AFD710DF68CD89B6FBBE9EB88715F04092EF984E7251D774E8098B56
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047DCE2 Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 114COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ___free_lconv_mon.LIBCMT ref: 0047DD26
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D8DE
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D8F0
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D902
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D914
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D926
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D938
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D94A
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D95C
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D96E
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D980
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D992
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D9A4
                                                                                                                                                                                                                              • Part of subcall function 0047D8C1: _free.LIBCMT ref: 0047D9B6
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD1B
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: RtlFreeHeap.NTDLL(00000000,00000000,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?), ref: 0047A680
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: GetLastError.KERNEL32(?,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?,?), ref: 0047A692
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD3D
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD52
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD5D
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD7F
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DD92
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DDA0
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DDAB
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DDE3
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DDEA
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DE07
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DE1F
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorFreeHeapLast___free_lconv_mon
                                                                                                                                                                                                                            • String ID: hI
                                                                                                                                                                                                                            • API String ID: 161543041-1732706807
                                                                                                                                                                                                                            • Opcode ID: 70b2c58c9916ec6bce8214123116f46fa71a14178d274b83429a619b7c94002c
                                                                                                                                                                                                                            • Instruction ID: ff99967276ece3dec6753a050f7c44add01c272b8f704146e128af1ed586c083
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 70b2c58c9916ec6bce8214123116f46fa71a14178d274b83429a619b7c94002c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6316A31A003009FEB31AA39D845BDB73F9AF50314F18C82BE49D97251DA38EC50CA69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046E7EE Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 79windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetWindow.USER32(?,00000005), ref: 0046E811
                                                                                                                                                                                                                            • GetClassNameW.USER32(00000000,?,00000800), ref: 0046E83D
                                                                                                                                                                                                                              • Part of subcall function 00463316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0045D523,00000000,.exe,?,?,00000800,?,?,?,00469E5C), ref: 0046332C
                                                                                                                                                                                                                            • GetWindowLongW.USER32(00000000,000000F0), ref: 0046E859
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000173,00000000,00000000), ref: 0046E870
                                                                                                                                                                                                                            • GetObjectW.GDI32(00000000,00000018,?), ref: 0046E884
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000172,00000000,00000000), ref: 0046E8AD
                                                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 0046E8B4
                                                                                                                                                                                                                            • GetWindow.USER32(00000000,00000002), ref: 0046E8BD
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Window$MessageObjectSend$ClassCompareDeleteLongNameString
                                                                                                                                                                                                                            • String ID: STATIC
                                                                                                                                                                                                                            • API String ID: 3820355801-1882779555
                                                                                                                                                                                                                            • Opcode ID: 9f26af39680407d059f5fa788bef994d6c2aac137cdf1fc81029abd987d66766
                                                                                                                                                                                                                            • Instruction ID: 69b0d6787643efbbbf62a2f40786713544d5720ec9eb14a8936a2664c6b1add6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f26af39680407d059f5fa788bef994d6c2aac137cdf1fc81029abd987d66766
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7511E436500B107BE2217B669C0AFAFB69DEF54714F000637FA41A7292EB6C8D4546EE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047A421 Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A435
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: RtlFreeHeap.NTDLL(00000000,00000000,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?), ref: 0047A680
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: GetLastError.KERNEL32(?,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?,?), ref: 0047A692
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A441
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A44C
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A457
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A462
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A46D
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A478
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A483
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A48E
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A49C
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 776569668-0
                                                                                                                                                                                                                            • Opcode ID: 3087b6be3bb594289d68022143f27f4f10df34c385328fa7987f57d23e0a96fd
                                                                                                                                                                                                                            • Instruction ID: 702332549964d4d7e40c2179b4b38c79265543684330f46a0165d7845ff3df32
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3087b6be3bb594289d68022143f27f4f10df34c385328fa7987f57d23e0a96fd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB11D776100008AFCB01EF55C852CDD3BB5EF54754F09C1AAFA4C4F222D635DE619B45
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00473FC1 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 303COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CallFramesMatchNestedTypeUnexpectedUnwind_aborttype_info::operator==
                                                                                                                                                                                                                            • String ID: csm$csm$csm
                                                                                                                                                                                                                            • API String ID: 322700389-393685449
                                                                                                                                                                                                                            • Opcode ID: 306d1cda00340ad9c693c1c56ee8244a73c93cbe6d80361e6a74b2659bf4e69c
                                                                                                                                                                                                                            • Instruction ID: 775d1357d7739995d5d0023ffaf7d4b003d50316ff682d4360c83f610c33a3ef
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 306d1cda00340ad9c693c1c56ee8244a73c93cbe6d80361e6a74b2659bf4e69c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 72B19B31800209EFCF15DFA5C8818EEBBB5FF94314B15819BF8086B212D739DA61CB99
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046A6D1 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 126memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046A6F6
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046A796
                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 0046A7A5
                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000003,?,00000000,00000000), ref: 0046A7C6
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$AllocByteCharGlobalMultiWide
                                                                                                                                                                                                                            • String ID: </html>$<head><meta http-equiv="content-type" content="text/html; charset=$<html>$utf-8"></head>
                                                                                                                                                                                                                            • API String ID: 1116704506-4209811716
                                                                                                                                                                                                                            • Opcode ID: a51a243982c64f95eb9866601c5b1d5359beb8f1b4e09f729dd0e9a81ed1e32f
                                                                                                                                                                                                                            • Instruction ID: 1761ed2432b68b1c0b7d40666c035cc1a4ffb2cae7df1d238e18f8dbe8c1abef
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a51a243982c64f95eb9866601c5b1d5359beb8f1b4e09f729dd0e9a81ed1e32f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A53126311047017AE314BB619C06FAFB7A89F41715F14451FF405A6282FB6CD91587AF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C7B0 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 98windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046C800
                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000080,00000001,0003046F), ref: 0046C827
                                                                                                                                                                                                                            • SendDlgItemMessageW.USER32(?,00000066,00000172,00000000,?), ref: 0046C840
                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,?), ref: 0046C851
                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000065), ref: 0046C85A
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000435,00000000,00010000), ref: 0046C86E
                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000443,00000000,00000000), ref: 0046C884
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: MessageSend$Item$TextWindow$Dialog
                                                                                                                                                                                                                            • String ID: LICENSEDLG
                                                                                                                                                                                                                            • API String ID: 3214253823-2177901306
                                                                                                                                                                                                                            • Opcode ID: 2b978bcf048437ae18e6a8c882a7a8b2fbd9008b2ad05cb3b7a4a9ceaab36f9c
                                                                                                                                                                                                                            • Instruction ID: 627e593c0279d0f64857aca1b3cdd4ef53f4d942909074f3eb2e9ca7704cb8d2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2b978bcf048437ae18e6a8c882a7a8b2fbd9008b2ad05cb3b7a4a9ceaab36f9c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B21E6326402047BD2216B69EC89F7B7F7CEB06746F00412AF140A21A1DB5A9801967E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B5D6 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 87COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045B5E2
                                                                                                                                                                                                                              • Part of subcall function 00462701: GetSystemTime.KERNEL32(?), ref: 0046270F
                                                                                                                                                                                                                              • Part of subcall function 00462701: SystemTimeToFileTime.KERNEL32(?,?), ref: 0046271D
                                                                                                                                                                                                                              • Part of subcall function 004626AA: __aulldiv.LIBCMT ref: 004626B3
                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0045B60E
                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(00000000,?,000186A0,00000000,?,?,00000800,?), ref: 0045B615
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0045B640
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045B64A
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0045B6A0
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045B6AA
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Time_wcslen$System__aulldiv_swprintf$CurrentFileProcess__vswprintf_c_l
                                                                                                                                                                                                                            • String ID: %u.%03u
                                                                                                                                                                                                                            • API String ID: 2956649372-1114938957
                                                                                                                                                                                                                            • Opcode ID: a6b5b952bb6c23fe6281f229e6eab08f172fd0fed9989fb5030cd2825d79a53f
                                                                                                                                                                                                                            • Instruction ID: 3abe9d6af0d58978d5ccb9dbce7210adb7a372870d0b98590786cf2cc2857ff7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a6b5b952bb6c23fe6281f229e6eab08f172fd0fed9989fb5030cd2825d79a53f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B02182B26043006BD610EB65CC45DAF76ECEBD5315F00492FF949D3242DB38D90887AA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046BC2B Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 68timeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(?,?), ref: 0046BC3F
                                                                                                                                                                                                                            • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 0046BC50
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 0046BC5E
                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(?,?), ref: 0046BC6C
                                                                                                                                                                                                                            • GetDateFormatW.KERNEL32(00000400,00000000,?,00000000,?,00000032), ref: 0046BC87
                                                                                                                                                                                                                            • GetTimeFormatW.KERNEL32(00000400,?,?,00000000,?,00000032), ref: 0046BCAE
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046BCD4
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Time$System$File$Format$DateLocalSpecific_swprintf
                                                                                                                                                                                                                            • String ID: %s %s
                                                                                                                                                                                                                            • API String ID: 385609497-2939940506
                                                                                                                                                                                                                            • Opcode ID: e04abfc22030464cc8f18d3ed48c4cf4d4f633a0bc1f5d733015e1b80729ef0a
                                                                                                                                                                                                                            • Instruction ID: 273932f6483208eab69f6ad71f6cc9ac06bef75fbed2e0f92194693bfe473cbd
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e04abfc22030464cc8f18d3ed48c4cf4d4f633a0bc1f5d733015e1b80729ef0a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A72106B250015DABDB21EFA0EC48EEF3BACFF59704F04042AFA05D2111E724DA49CBA4
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00470ED0 Relevance: 13.7, APIs: 9, Instructions: 154memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000000,00000000,0045C43F,0045C441,00000000,00000000,70FC669A,00000001,00000000,00000000,0045C32C,?,?,?,0045C43F,ROOT\CIMV2), ref: 00470F59
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000000,00000000,0045C43F,?,00000000,00000000,?,?,?,?,?,0045C43F), ref: 00470FD4
                                                                                                                                                                                                                            • SysAllocString.OLEAUT32(00000000), ref: 00470FDF
                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00471008
                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00471012
                                                                                                                                                                                                                            • GetLastError.KERNEL32(80070057,70FC669A,00000001,00000000,00000000,0045C32C,?,?,?,0045C43F,ROOT\CIMV2), ref: 00471017
                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 0047102A
                                                                                                                                                                                                                            • GetLastError.KERNEL32(00000000,?,0045C43F,ROOT\CIMV2), ref: 00471040
                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00471053
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _com_issue_error$ByteCharErrorLastMultiWide$AllocString
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1353541977-0
                                                                                                                                                                                                                            • Opcode ID: c24c1c31cfb03f0082da9e4baafddc5fc296be0fe970fa60f57c38322d47f286
                                                                                                                                                                                                                            • Instruction ID: 3a129fb52f51b60ae317655a638a897eb9cea03697fc36312b4352712c1f9533
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c24c1c31cfb03f0082da9e4baafddc5fc296be0fe970fa60f57c38322d47f286
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3041F471A00245EBC7109F69DC45FEFBBA8EB48714F10862FF509E7391D779A8408BA9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045C3F7 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 210COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: H_prolog
                                                                                                                                                                                                                            • String ID: Name$ROOT\CIMV2$SELECT * FROM Win32_OperatingSystem$WQL$Windows 10
                                                                                                                                                                                                                            • API String ID: 3519838083-3505469590
                                                                                                                                                                                                                            • Opcode ID: 9f4e21fa416001fcceb279ee7519873ba05bf5c45d800a8d50cc6dae1f7fe876
                                                                                                                                                                                                                            • Instruction ID: 06a52308250c85e5d106974ecc51fa0a2f2fd61e2d749ab9d9890ec18bb24f8d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f4e21fa416001fcceb279ee7519873ba05bf5c45d800a8d50cc6dae1f7fe876
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F716D71A0031AAFDB14DFA4C8949AEB7B9EF89311B10056EE802A72A1CB34AD05CB54
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045A5E9 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 135fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 0045A5EE
                                                                                                                                                                                                                            • GetLongPathNameW.KERNEL32(?,?,00000800), ref: 0045A611
                                                                                                                                                                                                                            • GetShortPathNameW.KERNEL32(?,?,00000800), ref: 0045A630
                                                                                                                                                                                                                              • Part of subcall function 0045D6A7: _wcslen.LIBCMT ref: 0045D6AF
                                                                                                                                                                                                                              • Part of subcall function 00463316: CompareStringW.KERNEL32(00000400,00001001,?,000000FF,?,Function_00013316,0045D523,00000000,.exe,?,?,00000800,?,?,?,00469E5C), ref: 0046332C
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0045A6CC
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • MoveFileW.KERNEL32(?,?), ref: 0045A73B
                                                                                                                                                                                                                            • MoveFileW.KERNEL32(?,?), ref: 0045A77B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileMoveNamePath$CompareH_prologLongShortString__vswprintf_c_l_swprintf_wcslen
                                                                                                                                                                                                                            • String ID: rtmp%d
                                                                                                                                                                                                                            • API String ID: 3726343395-3303766350
                                                                                                                                                                                                                            • Opcode ID: e256a39247253e7e96f1e62b3cba3fcff7683b792ef780abeaccb6958d046387
                                                                                                                                                                                                                            • Instruction ID: 3f0aa87f2f4d062fe97e8262b90a123d06d28e5c53ce1dd1152725a8cbcbdad1
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e256a39247253e7e96f1e62b3cba3fcff7683b792ef780abeaccb6958d046387
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 144193719005156ACB20ABA1CC44EEF737CBF45346F0405ABB945A3107EB3C8A9D8F69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462538 Relevance: 12.1, APIs: 8, Instructions: 125timeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0046254E
                                                                                                                                                                                                                              • Part of subcall function 0045C619: GetVersionExW.KERNEL32(?), ref: 0045C63E
                                                                                                                                                                                                                            • FileTimeToLocalFileTime.KERNEL32(00000003,00000000,00000003,?,00000064,00000000,00000000,00000001), ref: 00462571
                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(00000003,?,00000003,?,00000064,00000000,00000000,00000001), ref: 00462583
                                                                                                                                                                                                                            • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?), ref: 00462594
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 004625A4
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 004625B4
                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(?,?,?), ref: 004625EF
                                                                                                                                                                                                                            • __aullrem.LIBCMT ref: 00462699
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Time$File$System$Local$SpecificVersion__aulldiv__aullrem
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1247370737-0
                                                                                                                                                                                                                            • Opcode ID: c4a6d074d31a4df508f030ea5ba768baaafce9dfc86b628a2e9fdee81afe680e
                                                                                                                                                                                                                            • Instruction ID: 6e390c5c9cda014d9a447c26656ac0bc44b41230f18e065bc5fd1f4cdc3546b4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c4a6d074d31a4df508f030ea5ba768baaafce9dfc86b628a2e9fdee81afe680e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 074118B1508306AFC710DF65C88496BBBE9FB88714F008D2FF596C2210E778E549CB66
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046AD1E Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 183COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen
                                                                                                                                                                                                                            • String ID: </p>$</style>$<br>$<style>$>
                                                                                                                                                                                                                            • API String ID: 176396367-3568243669
                                                                                                                                                                                                                            • Opcode ID: a70dc9e537eeac76200ab36efeae32c80e00a81c3ff0dcd0dbb9efd47730f271
                                                                                                                                                                                                                            • Instruction ID: 474c66061116bd0d184dd17c441e8edc9f65b08f6b4a58b43ff971cf9d95b6fc
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a70dc9e537eeac76200ab36efeae32c80e00a81c3ff0dcd0dbb9efd47730f271
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F7512766680B6291DB30AA14881177773E1DFA0791F64441BF981AB7C0FB6D8CA18A6B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0048084D Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetConsoleCP.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,00480FC2,00000000,00000000,00000000,00000000,00000000,004765AD), ref: 0048088F
                                                                                                                                                                                                                            • __fassign.LIBCMT ref: 0048090A
                                                                                                                                                                                                                            • __fassign.LIBCMT ref: 00480925
                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000001,00000000,00000005,00000000,00000000), ref: 0048094B
                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,00000000,00000000,00480FC2,00000000,?,?,?,?,?,?,?,?,?,00480FC2,00000000), ref: 0048096A
                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,00000000,00000001,00480FC2,00000000,?,?,?,?,?,?,?,?,?,00480FC2,00000000), ref: 004809A3
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1324828854-0
                                                                                                                                                                                                                            • Opcode ID: 09184593b6d5643c3a422bbba073846ff7d82e0bdec56f3ba877cb5fdd007aaf
                                                                                                                                                                                                                            • Instruction ID: 9ef75c7f62d8fe90ce29c5be362e7606e9e65d5c821b3981ab13982f6402cbc0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09184593b6d5643c3a422bbba073846ff7d82e0bdec56f3ba877cb5fdd007aaf
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6451E3B0E00209AFDB10DFA8D845BEEBBF8EF49300F14452BE555E7252E7749944CB68
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00473A90 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 00473AC7
                                                                                                                                                                                                                            • ___except_validate_context_record.LIBVCRUNTIME ref: 00473ACF
                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 00473B58
                                                                                                                                                                                                                            • __IsNonwritableInCurrentImage.LIBCMT ref: 00473B83
                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 00473BD8
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                            • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                            • Opcode ID: fdf4c75e7f08b299e12f67bd2c5be90cfdb66c0f28348d4fb67685da8a2ac658
                                                                                                                                                                                                                            • Instruction ID: f60346453da24364b6912f35b904fff8715bb88715b0d92aa90331d87f12f077
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fdf4c75e7f08b299e12f67bd2c5be90cfdb66c0f28348d4fb67685da8a2ac658
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5341B834A00218DFCF10DF69C885ADE7BB5AF44315F14C16AE8185B352D739AA05DB99
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046AEF5 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000000), ref: 0046AF0E
                                                                                                                                                                                                                            • GetWindowRect.USER32(?,?), ref: 0046AF64
                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000005,00000000), ref: 0046B001
                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,00000000), ref: 0046B009
                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000005), ref: 0046B01F
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Window$Show$RectText
                                                                                                                                                                                                                            • String ID: RarHtmlClassName
                                                                                                                                                                                                                            • API String ID: 3937224194-1658105358
                                                                                                                                                                                                                            • Opcode ID: 63e4e4735b1d1740afb83bed7083d2a0475ece2ec7adb4b68d6740a85ef8c69f
                                                                                                                                                                                                                            • Instruction ID: cf478cdb920154019b9f5ad414c669f7d4de10c5ae9622c3bfad91ce48f8e5fe
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 63e4e4735b1d1740afb83bed7083d2a0475ece2ec7adb4b68d6740a85ef8c69f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3410971404704AFCB219F64DC49B6BBFA8EF08304F14466AF849A9152EB78D854CFAF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046A975 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 106COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen
                                                                                                                                                                                                                            • String ID: $&nbsp;$<br>$<style>body{font-family:"Arial";font-size:12;}</style>
                                                                                                                                                                                                                            • API String ID: 176396367-3743748572
                                                                                                                                                                                                                            • Opcode ID: d65a05fa5f1c1170590ed25498ea063b961c8f3cab9e2550e996fff27c433620
                                                                                                                                                                                                                            • Instruction ID: 52680bcc6a5a60f2bbab15daba1f263e0c648f4cc39367857d51362ac7975322
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d65a05fa5f1c1170590ed25498ea063b961c8f3cab9e2550e996fff27c433620
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73315C61644B01A6D630BB909C41BBB73E4EB90318F64C41FF44567380FA5CAD64C7AF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047DA64 Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0047DA28: _free.LIBCMT ref: 0047DA51
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DAB2
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: RtlFreeHeap.NTDLL(00000000,00000000,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?), ref: 0047A680
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: GetLastError.KERNEL32(?,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?,?), ref: 0047A692
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DABD
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DAC8
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DB1C
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DB27
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DB32
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DB3D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 776569668-0
                                                                                                                                                                                                                            • Opcode ID: ed90a822092467ab948ce4ab8a4e5ff1fef504289117e408d2aed02f462530fb
                                                                                                                                                                                                                            • Instruction ID: 1a0db41441df66007009f3267cf74d30730f5fee11ae8e33514c721d696d8d58
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ed90a822092467ab948ce4ab8a4e5ff1fef504289117e408d2aed02f462530fb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E11AF31A64B04AAD520BBB2CC07FCB77BCBF90304F448C1EB29EA6052DA28B4104749
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046F77A Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 45libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,?,0046F7F5,0046F758,0046F9F9), ref: 0046F791
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,AcquireSRWLockExclusive), ref: 0046F7A7
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,ReleaseSRWLockExclusive), ref: 0046F7BC
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$HandleModule
                                                                                                                                                                                                                            • String ID: AcquireSRWLockExclusive$KERNEL32.DLL$ReleaseSRWLockExclusive
                                                                                                                                                                                                                            • API String ID: 667068680-1718035505
                                                                                                                                                                                                                            • Opcode ID: f9497ab931d172bfd35b537e60071007a13f5fe238dfb4001f9df81f3d280298
                                                                                                                                                                                                                            • Instruction ID: 2e3cf5649440bb5f4c7665ecae9289a02b4cfb52fc5eb12b557ce300131a820b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f9497ab931d172bfd35b537e60071007a13f5fe238dfb4001f9df81f3d280298
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5FF022313012225B9B215EA87C8166BA28C8A41313321083FEA80D3300F62CCC4A57EF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462799 Relevance: 9.1, APIs: 6, Instructions: 98timeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 004627F1
                                                                                                                                                                                                                              • Part of subcall function 0045C619: GetVersionExW.KERNEL32(?), ref: 0045C63E
                                                                                                                                                                                                                            • LocalFileTimeToFileTime.KERNEL32(?,?), ref: 00462815
                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32(?,?), ref: 0046282F
                                                                                                                                                                                                                            • TzSpecificLocalTimeToSystemTime.KERNEL32(00000000,?,?), ref: 00462842
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 00462852
                                                                                                                                                                                                                            • SystemTimeToFileTime.KERNEL32(?,?), ref: 00462862
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Time$File$System$Local$SpecificVersion
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2092733347-0
                                                                                                                                                                                                                            • Opcode ID: 868be65ddd3fd77b17d0cd922c3931995e64d654bab1f65dc14b2350ab794326
                                                                                                                                                                                                                            • Instruction ID: cf888ad85f8cba91307fbfb15d4e06d71952ca0623a1001db16155bd4291aee0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 868be65ddd3fd77b17d0cd922c3931995e64d654bab1f65dc14b2350ab794326
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2331F875108316AFC704DFA8D88499BB7E8BF98754F005A2EF995C3210E734D549CBAA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00473C8A Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00473C81,00473A3C,00470BF4), ref: 00473C98
                                                                                                                                                                                                                            • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00473CA6
                                                                                                                                                                                                                            • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00473CBF
                                                                                                                                                                                                                            • SetLastError.KERNEL32(00000000,00473C81,00473A3C,00470BF4), ref: 00473D11
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3852720340-0
                                                                                                                                                                                                                            • Opcode ID: c44ab6cc88545c1fa4f196a78e277b11f3e457b052ab9272ca5890e1542ec451
                                                                                                                                                                                                                            • Instruction ID: c8f4ec4d171a032fe223b807052c308767fc8270c7f347052b72f7f4ce87d86f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c44ab6cc88545c1fa4f196a78e277b11f3e457b052ab9272ca5890e1542ec451
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 08014C3310C3221EE6212BF57C856EB2B44EB9173AF30863FF218661E1EF191C00A68D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047A515 Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,004930C4,00475982,004930C4,?,?,004753FD,?,?,004930C4), ref: 0047A519
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A54C
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A574
                                                                                                                                                                                                                            • SetLastError.KERNEL32(00000000,?,004930C4), ref: 0047A581
                                                                                                                                                                                                                            • SetLastError.KERNEL32(00000000,?,004930C4), ref: 0047A58D
                                                                                                                                                                                                                            • _abort.LIBCMT ref: 0047A593
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorLast$_free$_abort
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3160817290-0
                                                                                                                                                                                                                            • Opcode ID: 69c240211030d063eaa8275b3b6ce51c0b8a357dcd4a9c7634660546864c8ddb
                                                                                                                                                                                                                            • Instruction ID: 71f09364938446f55c8ae77edf295c0f072cf3d79a00de34dda397d4cb63a976
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 69c240211030d063eaa8275b3b6ce51c0b8a357dcd4a9c7634660546864c8ddb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B0F0283114060177C20533666C0AFEF176A8FC2778B24852FFA1CA2292EE2C8D22456F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046ED8B Relevance: 9.0, APIs: 6, Instructions: 42windowsynchronizationCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • WaitForSingleObject.KERNEL32(?,0000000A), ref: 0046ED97
                                                                                                                                                                                                                            • PeekMessageW.USER32(?,00000000,00000000,00000000,00000000), ref: 0046EDB1
                                                                                                                                                                                                                            • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0046EDC2
                                                                                                                                                                                                                            • TranslateMessage.USER32(?), ref: 0046EDCC
                                                                                                                                                                                                                            • DispatchMessageW.USER32(?), ref: 0046EDD6
                                                                                                                                                                                                                            • WaitForSingleObject.KERNEL32(?,0000000A), ref: 0046EDE1
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Message$ObjectSingleWait$DispatchPeekTranslate
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2148572870-0
                                                                                                                                                                                                                            • Opcode ID: 75c6570c4b29cbb204ab678c9dc129417b5fd8fd99f0bb4413ab7bad7fd88067
                                                                                                                                                                                                                            • Instruction ID: 66de40c641ee8e99851440cd0f3d3d9ec49957c6b583e5b295eac8c26f8ea7de
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 75c6570c4b29cbb204ab678c9dc129417b5fd8fd99f0bb4413ab7bad7fd88067
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C9F03C76E0121AABCB206BA5EC4CEDFBE6CEF82351B108522B60AD6050E6388545C7E5
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045D4D2 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 148COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00461907: _wcslen.LIBCMT ref: 0046190D
                                                                                                                                                                                                                              • Part of subcall function 0045CD5C: _wcsrchr.LIBVCRUNTIME ref: 0045CD73
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045D5A4
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045D5EC
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$_wcsrchr
                                                                                                                                                                                                                            • String ID: .exe$.rar$.sfx
                                                                                                                                                                                                                            • API String ID: 3513545583-31770016
                                                                                                                                                                                                                            • Opcode ID: 477355cdd528a0cfb2e2679a8bd149aab63ab150f6833cbb03135e5b22a82e19
                                                                                                                                                                                                                            • Instruction ID: 46adb15ba73fa7f085ccbbaa4213cc1d55dc7e9e1ec10346be922e25cf21431e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 477355cdd528a0cfb2e2679a8bd149aab63ab150f6833cbb03135e5b22a82e19
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 68412852D01315AAC731AF748842A7B73A4EF5174EB24490FFC869B282F75C4D8AC35E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046DFCC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetTempPathW.KERNEL32(00000800,?), ref: 0046DFE2
                                                                                                                                                                                                                              • Part of subcall function 0045CAA0: _wcslen.LIBCMT ref: 0045CAA6
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0046E016
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000066,004A2892), ref: 0046E036
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046E143
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: DialogItemPathTempText__vswprintf_c_l_swprintf_wcslen
                                                                                                                                                                                                                            • String ID: %s%s%u
                                                                                                                                                                                                                            • API String ID: 110358324-1360425832
                                                                                                                                                                                                                            • Opcode ID: 7be7e5d45dfbe53e74a7511fd90d11b5fe1cdb6dc8bec04ec40f1b3b91be8972
                                                                                                                                                                                                                            • Instruction ID: 9d4c74dd621b960a50c42ecaa56be66c69d108cd463165653e33ff3648b6a1c0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7be7e5d45dfbe53e74a7511fd90d11b5fe1cdb6dc8bec04ec40f1b3b91be8972
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 264171B5900228AADF259BA58C45BEB77ECDB04704F4080A7B909A7151FF798A44CF6A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045CF32 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 127COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045CF56
                                                                                                                                                                                                                            • GetCurrentDirectoryW.KERNEL32(000007FF,?,?,?,?,00000000,?,?,0045B505,?,?,00000800,?,?,0045B4CA,?), ref: 0045CFF4
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0045D06A
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$CurrentDirectory
                                                                                                                                                                                                                            • String ID: UNC$\\?\
                                                                                                                                                                                                                            • API String ID: 3341907918-253988292
                                                                                                                                                                                                                            • Opcode ID: 6d04c74410b095991d1b0ff07d9a019ced9c6daa9b9ed2e9bfa1cc0c6b0730b1
                                                                                                                                                                                                                            • Instruction ID: 37e51b1d1eb1882fe7bcd027ccf4bc77bbff494a1ed0b0ebb33d72584de20fcb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6d04c74410b095991d1b0ff07d9a019ced9c6daa9b9ed2e9bfa1cc0c6b0730b1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 17412672800215AADF30BF21CC01EEF7769AF4575AF24442BFC5493192EB7C994AC7A9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047DB48 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 110COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(?,00000000,62E85006,00475AD4,00000000,00000000,00476B09,?,kG,?,00000001,00475AD4,62E85006,00000001,00476B09,00476B09), ref: 0047DB95
                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 0047DC1E
                                                                                                                                                                                                                            • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 0047DC30
                                                                                                                                                                                                                            • __freea.LIBCMT ref: 0047DC39
                                                                                                                                                                                                                              • Part of subcall function 0047A7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,00475594,?,0000015D,?,?,?,?,00476A70,000000FF,00000000,?,?), ref: 0047A830
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharMultiWide$AllocateHeapStringType__freea
                                                                                                                                                                                                                            • String ID: kG
                                                                                                                                                                                                                            • API String ID: 2652629310-2652996802
                                                                                                                                                                                                                            • Opcode ID: 0e6bbc6c0b9a061e585f3e1af6449eba8d51baf8a124c3c0961c06ffaada1f2c
                                                                                                                                                                                                                            • Instruction ID: eac575a9e5686304fa47140bfe427223685c2f9156098e9e4df52a2e9bdf3b34
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0e6bbc6c0b9a061e585f3e1af6449eba8d51baf8a124c3c0961c06ffaada1f2c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D131BF72A1020AAFDF259F65CC45DEF7BB5EF40710B05816AFC0896250E739DD91CB94
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C8CD Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 58windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LoadBitmapW.USER32(00000065), ref: 0046C8DD
                                                                                                                                                                                                                            • GetObjectW.GDI32(00000000,00000018,?), ref: 0046C902
                                                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 0046C934
                                                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 0046C957
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: FindResourceW.KERNEL32(?,PNG,00000000,?,?,?,0046C92D,00000066), ref: 0046B6E5
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: SizeofResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B6FC
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: LoadResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B713
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: LockResource.KERNEL32(00000000,?,?,?,0046C92D,00000066), ref: 0046B722
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: GlobalAlloc.KERNELBASE(00000002,00000000,?,?,?,?,?,0046C92D,00000066), ref: 0046B73D
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: GlobalLock.KERNEL32(00000000,?,?,?,?,?,0046C92D,00000066), ref: 0046B74E
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: GdipCreateHBITMAPFromBitmap.GDIPLUS(?,?,00FFFFFF), ref: 0046B7B7
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: GlobalUnlock.KERNEL32(00000000), ref: 0046B7D6
                                                                                                                                                                                                                              • Part of subcall function 0046B6D2: GlobalFree.KERNEL32(00000000), ref: 0046B7DD
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: GlobalResource$Object$BitmapDeleteLoadLock$AllocCreateFindFreeFromGdipSizeofUnlock
                                                                                                                                                                                                                            • String ID: ]
                                                                                                                                                                                                                            • API String ID: 1428510222-3352871620
                                                                                                                                                                                                                            • Opcode ID: 8c9a3726547cc22dbee9212be39ee2d061224e7a5b9819f38d247af2dd0a148d
                                                                                                                                                                                                                            • Instruction ID: e8f6a03e976e8f98cfb9b89b879a19d7bbd077284d7d85ef0b888b63ecbf6d9c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c9a3726547cc22dbee9212be39ee2d061224e7a5b9819f38d247af2dd0a148d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE01043250061577C71137658C45A7F7A79DF81B59F04012AB840F7392EF288C0986EB
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046E750 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046E79B
                                                                                                                                                                                                                            • GetDlgItemTextW.USER32(?,00000068,00000800), ref: 0046E7B1
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000066,?), ref: 0046E7C5
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000068), ref: 0046E7D4
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                            • String ID: RENAMEDLG
                                                                                                                                                                                                                            • API String ID: 445417207-3299779563
                                                                                                                                                                                                                            • Opcode ID: 21c2fdf02dbff836d3cbf6a6252348a8fa2d3d0912b662ed1912e204e63af8fb
                                                                                                                                                                                                                            • Instruction ID: 5e01ea83e211b97245783acd0ff9a8af99aa339100a12e3202d4d2ace845cba2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 21c2fdf02dbff836d3cbf6a6252348a8fa2d3d0912b662ed1912e204e63af8fb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 290128376813107BE2115F6A9C89F677BADFB49703F100523F301A21E0D66AA8058B6F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00479235 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,004791E6,?,?,00479186,?,0048D570,0000000C,004792DD,?,00000002), ref: 00479255
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00479268
                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,?,?,?,004791E6,?,?,00479186,?,0048D570,0000000C,004792DD,?,00000002,00000000), ref: 0047928B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                            • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                            • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                            • Opcode ID: 0b0ab2542a1c7ddbf509aea524fb5816669b9ccc1c6a99e306620f07396cbc5f
                                                                                                                                                                                                                            • Instruction ID: 2ee65ff822b75fe2445723a1104ef0390b94f3c57486fa548073fc4cf22cd8c2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b0ab2542a1c7ddbf509aea524fb5816669b9ccc1c6a99e306620f07396cbc5f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B3F0A430A04209BFCB11ABA4DC09BDE7FB4EB44751F1045AAF909A2261DB349E40CB48
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004512F6 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 37COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0045F608: _swprintf.LIBCMT ref: 0045F62E
                                                                                                                                                                                                                              • Part of subcall function 0045F608: _strlen.LIBCMT ref: 0045F64F
                                                                                                                                                                                                                              • Part of subcall function 0045F608: SetDlgItemTextW.USER32(?,00490274,?), ref: 0045F6AF
                                                                                                                                                                                                                              • Part of subcall function 0045F608: GetWindowRect.USER32(?,?), ref: 0045F6E9
                                                                                                                                                                                                                              • Part of subcall function 0045F608: GetClientRect.USER32(?,?), ref: 0045F6F5
                                                                                                                                                                                                                            • GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                            • SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ItemRectTextWindow$Client_strlen_swprintf
                                                                                                                                                                                                                            • String ID: 0$p0I$p0I
                                                                                                                                                                                                                            • API String ID: 2622349952-2735917712
                                                                                                                                                                                                                            • Opcode ID: 8d6ef8a0bc61b88fcb087dff5960113f423211d8c15eb5158522f77c456c1dcd
                                                                                                                                                                                                                            • Instruction ID: 254052e7f7d4b31d8ea442804d5d8c9d443f1711c60a50ffb04e6f3dc471ed57
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8d6ef8a0bc61b88fcb087dff5960113f423211d8c15eb5158522f77c456c1dcd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8F0AF30100648BBEF151F258C19BEA3B98BB0138AF04813AFD45546B3CB7CC998EB18
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00460627 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: GetSystemDirectoryW.KERNEL32(?,00000800), ref: 00461B56
                                                                                                                                                                                                                              • Part of subcall function 00461B3B: LoadLibraryW.KERNELBASE(?,?,?,?,00000800,?,0046063A,Crypt32.dll,00000000,004606B4,00000200,?,00460697,00000000,00000000,?), ref: 00461B78
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,CryptProtectMemory), ref: 00460646
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(0049A1F0,CryptUnprotectMemory), ref: 00460656
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$DirectoryLibraryLoadSystem
                                                                                                                                                                                                                            • String ID: Crypt32.dll$CryptProtectMemory$CryptUnprotectMemory
                                                                                                                                                                                                                            • API String ID: 2141747552-1753850145
                                                                                                                                                                                                                            • Opcode ID: 0ad3d4ce16150726f4199dbd439ee679922897a66763525cb483e7be89670a96
                                                                                                                                                                                                                            • Instruction ID: 68a51935a931ef74063ce0ee6067a5a4553ea0514f5bddb992818af751a99440
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0ad3d4ce16150726f4199dbd439ee679922897a66763525cb483e7be89670a96
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8E086709547125ED7216F75E948B0B7FE45F95B00F148C1FE3C593651E6BCE4408B19
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00473D6A Relevance: 7.7, APIs: 5, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AdjustPointer$_abort
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2252061734-0
                                                                                                                                                                                                                            • Opcode ID: 78787c90d3aed933cae47a88df9d545e182b80bad6f5749704634c507275002e
                                                                                                                                                                                                                            • Instruction ID: 0c59a8db1b4d3255f72ab6d2fcd68ff1f37a65b8b1fbb09cbbd113ff446494dd
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78787c90d3aed933cae47a88df9d545e182b80bad6f5749704634c507275002e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D51E2726002069FDB298F15D841BFB77A4EF44316F10C52FE94957290E779EE80EB98
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047D0F0 Relevance: 7.6, APIs: 5, Instructions: 68COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetEnvironmentStringsW.KERNEL32 ref: 0047D0F9
                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0047D11C
                                                                                                                                                                                                                              • Part of subcall function 0047A7FE: RtlAllocateHeap.NTDLL(00000000,?,?,?,00475594,?,0000015D,?,?,?,?,00476A70,000000FF,00000000,?,?), ref: 0047A830
                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000), ref: 0047D142
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047D155
                                                                                                                                                                                                                            • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0047D164
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharEnvironmentMultiStringsWide$AllocateFreeHeap_free
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 336800556-0
                                                                                                                                                                                                                            • Opcode ID: 96119648f99a3f45e91b496ea44f554b8acb2f785fe10c015a4103b513b40429
                                                                                                                                                                                                                            • Instruction ID: ccea08458fd0ca397140c886b174ac7297a6666c5aeb8520e8f110ef1ebf9174
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 96119648f99a3f45e91b496ea44f554b8acb2f785fe10c015a4103b513b40429
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2018872A112157F272156B65C8CCBF6A7DDEC2BA4754413EB90DD6341EA6C8C02C279
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047A599 Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,0047A7F0,0047C348,?,0047A543,00000001,00000364,?,004753FD,?,?,004930C4), ref: 0047A59E
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A5D3
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047A5FA
                                                                                                                                                                                                                            • SetLastError.KERNEL32(00000000,?,004930C4), ref: 0047A607
                                                                                                                                                                                                                            • SetLastError.KERNEL32(00000000,?,004930C4), ref: 0047A610
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorLast$_free
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3170660625-0
                                                                                                                                                                                                                            • Opcode ID: 0242b1be6eb5d84ba53d46aeef5238af7c08122a5ba684945113718ed4680a28
                                                                                                                                                                                                                            • Instruction ID: f2462cfed450c3910f1dbda4616205542ffe35a2f17364c3267479ad29595d17
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0242b1be6eb5d84ba53d46aeef5238af7c08122a5ba684945113718ed4680a28
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E4014932184601B7820637766CC5DDF216ADBC1378328843FF90D92242EE2C8C21116F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046220D Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004624EF: ResetEvent.KERNEL32(?), ref: 00462501
                                                                                                                                                                                                                              • Part of subcall function 004624EF: ReleaseSemaphore.KERNEL32(?,00000000,00000000), ref: 00462515
                                                                                                                                                                                                                            • ReleaseSemaphore.KERNEL32(?,00000040,00000000), ref: 00462241
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?), ref: 0046225B
                                                                                                                                                                                                                            • DeleteCriticalSection.KERNEL32(?), ref: 00462274
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 00462280
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 0046228C
                                                                                                                                                                                                                              • Part of subcall function 00462303: WaitForSingleObject.KERNEL32(?,000000FF,00462420,?,?,0046249F,?,?,?,?,?,00462489), ref: 00462309
                                                                                                                                                                                                                              • Part of subcall function 00462303: GetLastError.KERNEL32(?,?,0046249F,?,?,?,?,?,00462489), ref: 00462315
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseHandle$ReleaseSemaphore$CriticalDeleteErrorEventLastObjectResetSectionSingleWait
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1868215902-0
                                                                                                                                                                                                                            • Opcode ID: e8853bc335fb1984736cc71fd3c5fe66e6f51566f7d8082c91f5e97b1adbe329
                                                                                                                                                                                                                            • Instruction ID: 2e4cae78ede8f51baa402d866c9570d38dbf956c9246e154013dd36c2166cde6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e8853bc335fb1984736cc71fd3c5fe66e6f51566f7d8082c91f5e97b1adbe329
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8F01B572000B05EFC7229F64DD84BCABBA9FB49710F000D3EF26A52160CBB96A55DB58
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047D9BF Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047D9D7
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: RtlFreeHeap.NTDLL(00000000,00000000,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?), ref: 0047A680
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: GetLastError.KERNEL32(?,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?,?), ref: 0047A692
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047D9E9
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047D9FB
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DA0D
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047DA1F
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 776569668-0
                                                                                                                                                                                                                            • Opcode ID: 8f92e949325425d68f0077e170d008f54363b5fc0713a1925e5f44b858fd1612
                                                                                                                                                                                                                            • Instruction ID: 14914dfbe825c5e2db47e676ef171bb54a7a2bfbe45755012537146074e67655
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f92e949325425d68f0077e170d008f54363b5fc0713a1925e5f44b858fd1612
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13F0EC72924200AB8A20DB65E586C9A73F9BF5471075C8C1BF08CD7641CB79FC80866C
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00463338 Relevance: 7.5, APIs: 5, Instructions: 39COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00463340
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00463351
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00463361
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 0046336F
                                                                                                                                                                                                                            • CompareStringW.KERNEL32(00000400,00001001,?,?,?,?,00000000,00000000,?,0045C844,?,?,00000000,?,?,?), ref: 0046338A
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$CompareString
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3397213944-0
                                                                                                                                                                                                                            • Opcode ID: 8142df04ad668c5f8a7b4eff23304e33dfafa5924c046d45c833eabb2b274252
                                                                                                                                                                                                                            • Instruction ID: 38050bbf291219ec0d82fef8c37e4ce4bf90b7858e8f438e1318baca51222444
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8142df04ad668c5f8a7b4eff23304e33dfafa5924c046d45c833eabb2b274252
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6EF06D32108154BFCF222F52DC09CDE3F26EB92771B11C01AFA195B0A1CF329AA19699
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00479CD0 Relevance: 7.5, APIs: 5, Instructions: 30COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479CEE
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: RtlFreeHeap.NTDLL(00000000,00000000,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?), ref: 0047A680
                                                                                                                                                                                                                              • Part of subcall function 0047A66A: GetLastError.KERNEL32(?,?,0047DA56,?,00000000,?,00000000,?,0047DA7D,?,00000007,?,?,0047DE7A,?,?), ref: 0047A692
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479D00
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479D13
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479D24
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479D35
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ErrorFreeHeapLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 776569668-0
                                                                                                                                                                                                                            • Opcode ID: e78381b0600fb0686f5263f843f14223142766a0f20d229c7040690e6facaae6
                                                                                                                                                                                                                            • Instruction ID: c10f4bf57bdd73cb244f446c31190506d2d89cbaa6c943a10eb026466f7791ab
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e78381b0600fb0686f5263f843f14223142766a0f20d229c7040690e6facaae6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DFF03A718011208FCE06AF24FC428893BA1F7A6724319877BF41E52372CB794C11DB8D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462948 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 197COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _swprintf
                                                                                                                                                                                                                            • String ID: %ls$%s: %s
                                                                                                                                                                                                                            • API String ID: 589789837-2259941744
                                                                                                                                                                                                                            • Opcode ID: 2e11ca0a9458e2d83b1ee5b40373d70078d3e844a33c3944fa95398ee5550bd0
                                                                                                                                                                                                                            • Instruction ID: ec903f4fe44c9e9b082cde2ac99eb3df60235f93de48d6607164d6f4b7fc44ca
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e11ca0a9458e2d83b1ee5b40373d70078d3e844a33c3944fa95398ee5550bd0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4451D875788F00FAE6211E948F02F367254AF04F0AF24490BBB87640E5E5EDA556AB1F
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00479330 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetModuleFileNameA.KERNEL32(00000000,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe,00000104), ref: 00479370
                                                                                                                                                                                                                            • _free.LIBCMT ref: 0047943B
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479445
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$FileModuleName
                                                                                                                                                                                                                            • String ID: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.MulDrop26.56882.6817.6147.exe
                                                                                                                                                                                                                            • API String ID: 2506810119-3493000031
                                                                                                                                                                                                                            • Opcode ID: 24af07bad28f4c40b459c0e11508bf5efd6c08600955cde40a39df7cd5338d64
                                                                                                                                                                                                                            • Instruction ID: f34a2a391b63a844b701e141579037e6b27302af4b7a40f570993e2cc422f4c8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 24af07bad28f4c40b459c0e11508bf5efd6c08600955cde40a39df7cd5338d64
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4331A271A04218EBCB11DB999881DDEBBF8EB85314F14816BF90897301D7788E41CBA9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00474366 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • EncodePointer.KERNEL32(00000000,?,00000000,1FFFFFFF), ref: 0047438B
                                                                                                                                                                                                                            • _abort.LIBCMT ref: 00474496
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: EncodePointer_abort
                                                                                                                                                                                                                            • String ID: MOC$RCC
                                                                                                                                                                                                                            • API String ID: 948111806-2084237596
                                                                                                                                                                                                                            • Opcode ID: 079dc564f4acbc7c7d135fd617c43c7e3abe8f57ee6f0b168cf21e38c1734868
                                                                                                                                                                                                                            • Instruction ID: b1a0b43573d8878e450a02bb2ace1b58e3f38115e71aef076b40df45d1165383
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 079dc564f4acbc7c7d135fd617c43c7e3abe8f57ee6f0b168cf21e38c1734868
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 78414A71900209EFDF16DF98DD81AEE7BB5BF88314F14805AF908A7221D3399961EB58
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00457F1B Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 92COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 00457F20
                                                                                                                                                                                                                              • Part of subcall function 004542F1: __EH_prolog.LIBCMT ref: 004542F6
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00000800,?,?,?,00000000,00000000), ref: 00457FE5
                                                                                                                                                                                                                              • Part of subcall function 00458704: GetCurrentProcess.KERNEL32(00000020,?), ref: 00458713
                                                                                                                                                                                                                              • Part of subcall function 00458704: GetLastError.KERNEL32 ref: 00458759
                                                                                                                                                                                                                              • Part of subcall function 00458704: CloseHandle.KERNEL32(?), ref: 00458768
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorH_prologLast$CloseCurrentHandleProcess
                                                                                                                                                                                                                            • String ID: SeRestorePrivilege$SeSecurityPrivilege
                                                                                                                                                                                                                            • API String ID: 3813983858-639343689
                                                                                                                                                                                                                            • Opcode ID: d4f323959fc3a5518665b98abe8e4fe4393dc5a18555840922cb1fb9630e5a8c
                                                                                                                                                                                                                            • Instruction ID: 688677b3908a9766d8cdd02c5300d9a0181c17011344c77b3997a4580f5680a7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d4f323959fc3a5518665b98abe8e4fe4393dc5a18555840922cb1fb9630e5a8c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2F31C131900244AADF20FF65AC01BAF7B69AB0571AF00403BF844B6297DA7C4948CB69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046BDE0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046BE68
                                                                                                                                                                                                                            • GetDlgItemTextW.USER32(?,00000066,?,?), ref: 0046BE7D
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000066,?), ref: 0046BE92
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                            • String ID: ASKNEXTVOL
                                                                                                                                                                                                                            • API String ID: 445417207-3402441367
                                                                                                                                                                                                                            • Opcode ID: 1851b8ff8c74069fa178e38e12d304e8b4e2f197d2bf9a87f80d59095dd6183a
                                                                                                                                                                                                                            • Instruction ID: f842f0daa5e614bd06cbc8e8bea99e549c138788bf78bd7b6f9329d6f0b60146
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1851b8ff8c74069fa178e38e12d304e8b4e2f197d2bf9a87f80d59095dd6183a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D0110333600110BFD611AFA9DC05FA73B69EB4A741F000526FB41EA1B1D72B994A87AF
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045EC0C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 67COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __fprintf_l.LIBCMT ref: 0045EC74
                                                                                                                                                                                                                            • _strncpy.LIBCMT ref: 0045ECBA
                                                                                                                                                                                                                              • Part of subcall function 004630F5: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,?,00000000,00000000,?,00493070,?,0045EC48,00000000,?,00000050,00493070), ref: 00463112
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharMultiWide__fprintf_l_strncpy
                                                                                                                                                                                                                            • String ID: $%s$@%s
                                                                                                                                                                                                                            • API String ID: 562999700-834177443
                                                                                                                                                                                                                            • Opcode ID: 2c329a43b02816659c427cf9258e4954eadae0ae90dcfc6bcf75938545f00f1d
                                                                                                                                                                                                                            • Instruction ID: 02a99ec9d3a263d4e332de1d62f7624b6031bc7a48da80b647bba3dd7d009a81
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2c329a43b02816659c427cf9258e4954eadae0ae90dcfc6bcf75938545f00f1d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1021C072840208AEEF25EFA6CD45FDF3BA8AF05705F140427FD1496292E379D7088B59
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462166 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 63COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(00000320,00000000,?,?,?,0045C04A,00000008,?,00000000,?,0045E685,?,00000000), ref: 004621A5
                                                                                                                                                                                                                            • CreateSemaphoreW.KERNEL32(00000000,00000000,00000040,00000000,?,?,?,0045C04A,00000008,?,00000000,?,0045E685,?,00000000), ref: 004621AF
                                                                                                                                                                                                                            • CreateEventW.KERNEL32(00000000,00000001,00000001,00000000,?,?,?,0045C04A,00000008,?,00000000,?,0045E685,?,00000000), ref: 004621BF
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • Thread pool initialization failed., xrefs: 004621D7
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Create$CriticalEventInitializeSectionSemaphore
                                                                                                                                                                                                                            • String ID: Thread pool initialization failed.
                                                                                                                                                                                                                            • API String ID: 3340455307-2182114853
                                                                                                                                                                                                                            • Opcode ID: 2455acacfe9f9bbf55da8ba5e82dfc88d9127f68fcbeeae3b27167ef9c1bb8b5
                                                                                                                                                                                                                            • Instruction ID: ac88cc48b57ade572935547a9cfc864c7f4437bd3b257afa0f82e9ad952811f8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2455acacfe9f9bbf55da8ba5e82dfc88d9127f68fcbeeae3b27167ef9c1bb8b5
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C1194B1608B05AFC3215F6A9C84A9BFBDCFB56754F10482FF6D6C2200E6B559408B69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046C460 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 004512F6: GetDlgItem.USER32(00000000,00003021), ref: 0045133A
                                                                                                                                                                                                                              • Part of subcall function 004512F6: SetWindowTextW.USER32(00000000,004845F4), ref: 00451350
                                                                                                                                                                                                                            • EndDialog.USER32(?,00000001), ref: 0046C4AE
                                                                                                                                                                                                                            • GetDlgItemTextW.USER32(?,00000066,?,00000200), ref: 0046C4C6
                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000067,?), ref: 0046C4F4
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ItemText$DialogWindow
                                                                                                                                                                                                                            • String ID: GETPASSWORD1
                                                                                                                                                                                                                            • API String ID: 445417207-3292211884
                                                                                                                                                                                                                            • Opcode ID: d533b56faaac2be03410c29cc4177a6f8dd31d4b4be9f136987d3ecde57f57f1
                                                                                                                                                                                                                            • Instruction ID: 4b44d4d06a8b5a4a115f41ef488bb2d78fd0f53a65544ed9069453e8c682ec42
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d533b56faaac2be03410c29cc4177a6f8dd31d4b4be9f136987d3ecde57f57f1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A1110472A001187BDB21DA689CD9FFB372CEB45714F000126FB45F6184EA78AD02866E
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046EE2D Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 46COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: RENAMEDLG$REPLACEFILEDLG
                                                                                                                                                                                                                            • API String ID: 0-56093855
                                                                                                                                                                                                                            • Opcode ID: c1aa48e33c70120723a293ac84b31b33cc36cbd2880e128356fc266c60b2098b
                                                                                                                                                                                                                            • Instruction ID: f2aefa624175ab445668773f1ddae4af340b75816c114d92f171cd610c182c80
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c1aa48e33c70120723a293ac84b31b33cc36cbd2880e128356fc266c60b2098b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB019A79A04204ABCB119F2AEC48B577FE8AB15389B100137F90592270E3768C60DBAE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00454957 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 34COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • std::_Xinvalid_argument.LIBCPMT ref: 0045495C
                                                                                                                                                                                                                              • Part of subcall function 0046FD1D: std::invalid_argument::invalid_argument.LIBCONCRT ref: 0046FD29
                                                                                                                                                                                                                              • Part of subcall function 0046FD1D: ___delayLoadHelper2@8.DELAYIMP ref: 0046FD4F
                                                                                                                                                                                                                            • std::_Xinvalid_argument.LIBCPMT ref: 00454967
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Xinvalid_argumentstd::_$Helper2@8Load___delaystd::invalid_argument::invalid_argument
                                                                                                                                                                                                                            • String ID: string too long$vector too long
                                                                                                                                                                                                                            • API String ID: 2355824318-1617939282
                                                                                                                                                                                                                            • Opcode ID: 885efea15e69b1d78cc5d3ca29636eb62fd57508e1bde782b17b13636ab05000
                                                                                                                                                                                                                            • Instruction ID: b5288a0f42a10c08f74c1c818e945ab2e5da34f58000982526ca9e188bc0f382
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 885efea15e69b1d78cc5d3ca29636eb62fd57508e1bde782b17b13636ab05000
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BF0AE71200304674624AF69FC4684BB3EDEFC5755720091BFD85D7602E778F9488BBA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047ABDA Relevance: 6.3, APIs: 4, Instructions: 305COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __alldvrm$_strrchr
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1036877536-0
                                                                                                                                                                                                                            • Opcode ID: 11928e2537a4dd367eb88350d438216194463e35c46b68634b5d5fb98095dd98
                                                                                                                                                                                                                            • Instruction ID: 85a4dd56eb387cba364aca0cd01d1ffe295e5c28ebbb572c1736241a1f748a10
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 11928e2537a4dd367eb88350d438216194463e35c46b68634b5d5fb98095dd98
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B7A12671A442869FDB22CF28C8917EEBBE5EF91310F18816FE4899B341C63C8D51C75A
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045B74D Relevance: 6.1, APIs: 4, Instructions: 127filetimeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,40000000,00000003,00000000,00000003,02000000,00000000,?,?,?,00000800,?,00458D5C,?,?,?), ref: 0045B7F3
                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,40000000,00000003,00000000,00000003,02000000,00000000,?,?,00000800,?,00000800,?,00458D5C,?,?), ref: 0045B837
                                                                                                                                                                                                                            • SetFileTime.KERNEL32(?,00458AEC,?,00000000,?,00000800,?,00458D5C,?,?,?,?,?,?,?,?), ref: 0045B8B8
                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,00000800,?,00458D5C,?,?,?,?,?,?,?,?,?,?), ref: 0045B8BF
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Create$CloseHandleTime
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2287278272-0
                                                                                                                                                                                                                            • Opcode ID: 966a42adcaddaad0bc12d7b4f2acbeabf48a8718907f73d1e8c806a397263961
                                                                                                                                                                                                                            • Instruction ID: 756fd8f948ff55bd904b9cb70ed5fb81a69c338a7ebf3bcfb67e8a6fe9efb62f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 966a42adcaddaad0bc12d7b4f2acbeabf48a8718907f73d1e8c806a397263961
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EA41E331148381AEE721EF24DC51BAFBBE8DB85305F04091EF9D1972D2D7689A0CDB96
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004510E0 Relevance: 6.1, APIs: 4, Instructions: 119COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 176396367-0
                                                                                                                                                                                                                            • Opcode ID: d3757dbb0f0f7601b1b89aeae8dca00b42ae2c823dfcefe6c531c30ae049e9b2
                                                                                                                                                                                                                            • Instruction ID: ec04b6e2b3a4f8df3307e29155b779d87074338cfe807a4de4b201524e08eac8
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d3757dbb0f0f7601b1b89aeae8dca00b42ae2c823dfcefe6c531c30ae049e9b2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EF410471A006255BCB11AF689C49AEFBB78EF05315F00012EFD05F7255DF34AD488AE9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045851F Relevance: 6.1, APIs: 4, Instructions: 118COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00458532
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00458558
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 004585EF
                                                                                                                                                                                                                            • _wcslen.LIBCMT ref: 00458657
                                                                                                                                                                                                                              • Part of subcall function 0045B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0045B991
                                                                                                                                                                                                                              • Part of subcall function 0045B41F: RemoveDirectoryW.KERNEL32(?,?,?,00458649,?), ref: 0045B430
                                                                                                                                                                                                                              • Part of subcall function 0045B41F: RemoveDirectoryW.KERNEL32(?,?,?,00000800,?,00458649,?), ref: 0045B45E
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _wcslen$DirectoryRemove$CloseFind
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 973666142-0
                                                                                                                                                                                                                            • Opcode ID: e0f50f7b53dfb6e5f5ef76ba58ffa1aa3b18ce34434ecafa38cc78c1fb134bab
                                                                                                                                                                                                                            • Instruction ID: 4cec89c944459aea30db617e77d9e46bc73b2f09a4371907b37690d0109ab19e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e0f50f7b53dfb6e5f5ef76ba58ffa1aa3b18ce34434ecafa38cc78c1fb134bab
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5731B371900258A6CF21AF618C41AEB3365AF55386F04445FFC49B7247EF78CE8DCA98
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046B673 Relevance: 6.0, APIs: 4, Instructions: 19COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetDC.USER32(00000000), ref: 0046B676
                                                                                                                                                                                                                            • GetDeviceCaps.GDI32(00000000,00000058), ref: 0046B685
                                                                                                                                                                                                                            • GetDeviceCaps.GDI32(00000000,0000005A), ref: 0046B693
                                                                                                                                                                                                                            • ReleaseDC.USER32(00000000,00000000), ref: 0046B6A1
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CapsDevice$Release
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1035833867-0
                                                                                                                                                                                                                            • Opcode ID: 3693baf8d67a96f1c0b0a4d48eeb14711673fba767a01c84c47ec32af2dc53a8
                                                                                                                                                                                                                            • Instruction ID: 3cdf955ca3a38f394b09e93f306ea1b56e7297a85aa16a4739b5f10f48bba904
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3693baf8d67a96f1c0b0a4d48eeb14711673fba767a01c84c47ec32af2dc53a8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B0E01231985E70ABD7612B74BC1DB9BBF54EB15713F080236F601A61D0DBB444408FDA
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046B81C Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 238COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0046B6A9: GetDC.USER32(00000000), ref: 0046B6AD
                                                                                                                                                                                                                              • Part of subcall function 0046B6A9: GetDeviceCaps.GDI32(00000000,0000000C), ref: 0046B6B8
                                                                                                                                                                                                                              • Part of subcall function 0046B6A9: ReleaseDC.USER32(00000000,00000000), ref: 0046B6C3
                                                                                                                                                                                                                            • GetObjectW.GDI32(?,00000018,?), ref: 0046B84C
                                                                                                                                                                                                                              • Part of subcall function 0046BADE: GetDC.USER32(00000000), ref: 0046BAE7
                                                                                                                                                                                                                              • Part of subcall function 0046BADE: GetObjectW.GDI32(?,00000018,?), ref: 0046BB16
                                                                                                                                                                                                                              • Part of subcall function 0046BADE: ReleaseDC.USER32(00000000,?), ref: 0046BBAE
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ObjectRelease$CapsDevice
                                                                                                                                                                                                                            • String ID: (
                                                                                                                                                                                                                            • API String ID: 1061551593-3887548279
                                                                                                                                                                                                                            • Opcode ID: 6496f82a3e309bf2e363dacd8a116c858bffe152b76d98c8c6cd6ca80ea36ddf
                                                                                                                                                                                                                            • Instruction ID: 9751e8533d500c8170e3da3e74b8aabb685bf6bd373b9de2a1d88c8f8e8ddfe7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6496f82a3e309bf2e363dacd8a116c858bffe152b76d98c8c6cd6ca80ea36ddf
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0C910271608351AFD710DF65C844A2BBBE8FFC8744F00496EF59AD3260DB74A846CBA6
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 004580BE Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 138timeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __EH_prolog.LIBCMT ref: 004580C3
                                                                                                                                                                                                                              • Part of subcall function 00461907: _wcslen.LIBCMT ref: 0046190D
                                                                                                                                                                                                                              • Part of subcall function 0045B966: FindClose.KERNELBASE(00000000,000000FF,?,?), ref: 0045B991
                                                                                                                                                                                                                            • SetFileTime.KERNEL32(?,?,?,?,?,00000005,?,00000011,?,?,00000000,?,0000003A,00000802), ref: 00458262
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNELBASE(?,00000000,00000001,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B8FA
                                                                                                                                                                                                                              • Part of subcall function 0045B8E6: SetFileAttributesW.KERNEL32(?,00000000,?,?,00000800,?,0045B5B5,?,?,?,0045B405,?,00000001,00000000,?,?), ref: 0045B92B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Attributes$CloseFindH_prologTime_wcslen
                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                            • API String ID: 3226429890-336475711
                                                                                                                                                                                                                            • Opcode ID: 0ad6774e3d4f4ce2688c6fb5d128addb0b364c0898652cacd4b3228d3b5eccd3
                                                                                                                                                                                                                            • Instruction ID: 8bb5f0a26905337832572b7e99abe761965522cdad841266ebf3b828b52a068e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0ad6774e3d4f4ce2688c6fb5d128addb0b364c0898652cacd4b3228d3b5eccd3
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A516071800518AADB24EB51CC56EEE737CAF45305F0041AEBA06A6193DF785F8DCF69
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0046069C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 67COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00460627: GetProcAddress.KERNEL32(00000000,CryptProtectMemory), ref: 00460646
                                                                                                                                                                                                                              • Part of subcall function 00460627: GetProcAddress.KERNEL32(0049A1F0,CryptUnprotectMemory), ref: 00460656
                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32(?,00000200,?,00460697), ref: 0046072A
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • CryptProtectMemory failed, xrefs: 004606E1
                                                                                                                                                                                                                            • CryptUnprotectMemory failed, xrefs: 00460722
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$CurrentProcess
                                                                                                                                                                                                                            • String ID: CryptProtectMemory failed$CryptUnprotectMemory failed
                                                                                                                                                                                                                            • API String ID: 2190909847-396321323
                                                                                                                                                                                                                            • Opcode ID: 7e12eb30a30e6b503b7170a4e1e1e7ce28ef793e25e2ccb95c5ff6da93489a5f
                                                                                                                                                                                                                            • Instruction ID: 83859649bddd2a957566db28b185277b166f1bdb2b34955e1416d7e4f756623f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e12eb30a30e6b503b7170a4e1e1e7ce28ef793e25e2ccb95c5ff6da93489a5f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 20110331A04265ABDF156F20DC45A6F3B14EF50765B05413BFC016B391E738AD518BDE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045CDC0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _swprintf.LIBCMT ref: 0045CDE7
                                                                                                                                                                                                                              • Part of subcall function 00454A20: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00454A33
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __vswprintf_c_l_swprintf
                                                                                                                                                                                                                            • String ID: %c:\
                                                                                                                                                                                                                            • API String ID: 1543624204-3142399695
                                                                                                                                                                                                                            • Opcode ID: 399f4e47e9ff1003c4e5610afed48f2b522c957721f4113ceefb5f1717b00223
                                                                                                                                                                                                                            • Instruction ID: 87f52087862c5c259f7b8a68031a03d5b6ef3e8899e025276c1573d72f7855b0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 399f4e47e9ff1003c4e5610afed48f2b522c957721f4113ceefb5f1717b00223
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B90149635043117ED6306B3A8CC3D6BA7ACDFD5372B40840FFC88C6183EA28D848D2A9
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00470D7C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00470DBD
                                                                                                                                                                                                                            • ___raise_securityfailure.LIBCMT ref: 00470EA5
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FeaturePresentProcessor___raise_securityfailure
                                                                                                                                                                                                                            • String ID: x=K
                                                                                                                                                                                                                            • API String ID: 3761405300-776286300
                                                                                                                                                                                                                            • Opcode ID: da3a1fd04411a399e95d451899006efaaf92aa67d1f8b77171c2e98a62234a41
                                                                                                                                                                                                                            • Instruction ID: 3f9e297db46ac25ca5b5851aca055c5b52b6d1c1c4a0e45d6ce6222c86aef4bb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: da3a1fd04411a399e95d451899006efaaf92aa67d1f8b77171c2e98a62234a41
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B21B3B5550300EFD710CF5AE9466447BA8BB58716F50523BE508873A0E3B5EA80CF4C
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0047962A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 33COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 0047D0F0: GetEnvironmentStringsW.KERNEL32 ref: 0047D0F9
                                                                                                                                                                                                                              • Part of subcall function 0047D0F0: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0047D11C
                                                                                                                                                                                                                              • Part of subcall function 0047D0F0: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000), ref: 0047D142
                                                                                                                                                                                                                              • Part of subcall function 0047D0F0: _free.LIBCMT ref: 0047D155
                                                                                                                                                                                                                              • Part of subcall function 0047D0F0: FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0047D164
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479670
                                                                                                                                                                                                                            • _free.LIBCMT ref: 00479677
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _free$ByteCharEnvironmentMultiStringsWide$Free
                                                                                                                                                                                                                            • String ID: hBK
                                                                                                                                                                                                                            • API String ID: 400815659-2596599317
                                                                                                                                                                                                                            • Opcode ID: 6c88c9cc45bf6053e272a1328a34facb32dae637dd917e204f4f65447d05df45
                                                                                                                                                                                                                            • Instruction ID: 4ca100036c253a9344bd05bf78f3573dec4306e75a171fe8f8f5db2d31cfacb3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6c88c9cc45bf6053e272a1328a34facb32dae637dd917e204f4f65447d05df45
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1AE0E51290A410419A66323B2C01BEF12054BC1778B25C35FF82C962C3DE2C8C0210AE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045F968 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LoadStringW.USER32(0045771D,?,004513BC,0045771D), ref: 0045F998
                                                                                                                                                                                                                            • LoadStringW.USER32(0045771D,?,004513BC), ref: 0045F9AF
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: LoadString
                                                                                                                                                                                                                            • String ID: p0I
                                                                                                                                                                                                                            • API String ID: 2948472770-2079751813
                                                                                                                                                                                                                            • Opcode ID: 41dd83bcc805b879e6ffc8b7a34577485dc2740c2691615b05bcfaff4b680a6a
                                                                                                                                                                                                                            • Instruction ID: 163c6d2f971f1b8dc7c2d8bbcaeeeda86541be4e1bd4f68b88ada7e214dc209f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41dd83bcc805b879e6ffc8b7a34577485dc2740c2691615b05bcfaff4b680a6a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 72F0F836100219BBCF121F5AEC04EAB7F6AFF1A396B004436FD0496135D2328924EBA8
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00462303 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19synchronizationCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • WaitForSingleObject.KERNEL32(?,000000FF,00462420,?,?,0046249F,?,?,?,?,?,00462489), ref: 00462309
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,0046249F,?,?,?,?,?,00462489), ref: 00462315
                                                                                                                                                                                                                              • Part of subcall function 004576E9: __vswprintf_c_l.LEGACY_STDIO_DEFINITIONS ref: 00457707
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • WaitForMultipleObjects error %d, GetLastError %d, xrefs: 0046231E
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorLastObjectSingleWait__vswprintf_c_l
                                                                                                                                                                                                                            • String ID: WaitForMultipleObjects error %d, GetLastError %d
                                                                                                                                                                                                                            • API String ID: 1091760877-2248577382
                                                                                                                                                                                                                            • Opcode ID: f45cd4c611eaacb0042ecabfe52f344e956e76a58e166f73eb45b09d70adda08
                                                                                                                                                                                                                            • Instruction ID: 762e1745334450ce6672166f4a13234622d6effaf36e01024127b6a0b8cc893c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f45cd4c611eaacb0042ecabfe52f344e956e76a58e166f73eb45b09d70adda08
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2FD0123150892136C90136286C0996F79155B62735B644B2AFA35552E5DBA8095142AE
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 0045F5BE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 13COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(00000000,?,0045ED75,?), ref: 0045F5C3
                                                                                                                                                                                                                            • FindResourceW.KERNEL32(00000000,RTL,00000005,?,0045ED75,?), ref: 0045F5D1
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000000.00000002.1656209867.0000000000451000.00000020.00000001.01000000.00000003.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656172240.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656326013.0000000000484000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000490000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.0000000000497000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004AF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656353853.00000000004B4000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000000.00000002.1656522418.00000000004B5000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_450000_SecuriteInfo.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FindHandleModuleResource
                                                                                                                                                                                                                            • String ID: RTL
                                                                                                                                                                                                                            • API String ID: 3537982541-834975271
                                                                                                                                                                                                                            • Opcode ID: 11b8ea9b03f307327f4f64119ba278a92d85ced302e8c3cd7d5bdf96c0bd213e
                                                                                                                                                                                                                            • Instruction ID: fa5b39d764c4d3b629f343ca27de1b0632b5139badc08d8c8eb88fc761bd15c5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 11b8ea9b03f307327f4f64119ba278a92d85ced302e8c3cd7d5bdf96c0bd213e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 03C0123124435166D63027716C0DB8B2E985B41725F050C6DB601DA1C1EAE9C8449769
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                            Execution Coverage:11.6%
                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                            Signature Coverage:8.5%
                                                                                                                                                                                                                            Total number of Nodes:2000
                                                                                                                                                                                                                            Total number of Limit Nodes:63
                                                                                                                                                                                                                            execution_graph 30935 7ff6472970b0 30936 7ff6472970ec 30935->30936 30937 7ff6472970d5 30935->30937 30941 7ff647297185 30936->30941 30965 7ff6472719d0 30936->30965 31050 7ff64727aab0 12 API calls 2 library calls 30937->31050 30939 7ff6472970dc 31051 7ff64727aab0 12 API calls 2 library calls 30939->31051 31060 7ff64729f650 30941->31060 30945 7ff647297111 30950 7ff647297170 30945->30950 30981 7ff647298470 30945->30981 30946 7ff647297216 31069 7ff647271810 30946->31069 30951 7ff6472992a0 91 API calls 30950->30951 30953 7ff647297181 30950->30953 30951->30953 30953->30941 30958 7ff647298470 116 API calls 30953->30958 30954 7ff64729713a 30955 7ff64729715a 30954->30955 31034 7ff6472992a0 30954->31034 30955->30950 31052 7ff647297e10 30955->31052 30960 7ff6472971bf 30958->30960 30959 7ff647297146 30961 7ff647298470 116 API calls 30959->30961 30960->30941 30962 7ff6472992a0 91 API calls 30960->30962 30961->30955 30963 7ff6472971cb 30962->30963 30964 7ff647298470 116 API calls 30963->30964 30964->30941 30966 7ff647271a40 30965->30966 30967 7ff6472719f1 30965->30967 30968 7ff647271ac3 30966->30968 30970 7ff64729f098 3 API calls 30966->30970 31073 7ff64729f098 AcquireSRWLockExclusive 30967->31073 30968->30945 30968->30946 30972 7ff647271a56 30970->30972 30972->30968 31078 7ff64729f338 50 API calls std::_Throw_Cpp_error 30972->31078 30977 7ff647271aae 31079 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 30977->31079 30982 7ff6472984a9 30981->30982 31009 7ff6472984a2 30981->31009 30983 7ff6472719d0 57 API calls 30982->30983 30989 7ff6472984ae 30983->30989 30984 7ff64729f650 std::_Throw_Cpp_error 8 API calls 30986 7ff647298696 30984->30986 30985 7ff6472986b3 30987 7ff647271810 2 API calls 30985->30987 30986->30954 30988 7ff6472986be 30987->30988 30991 7ff647271810 2 API calls 30988->30991 30989->30985 30990 7ff6472984f8 30989->30990 31225 7ff6472723e0 30989->31225 31080 7ff647297300 30990->31080 30993 7ff6472986c9 30991->30993 30997 7ff647271810 2 API calls 30993->30997 30998 7ff6472986d4 30997->30998 31001 7ff647298470 112 API calls 30998->31001 30999 7ff6472985fa 31131 7ff6472a8dac 30999->31131 31000 7ff6472719d0 57 API calls 31020 7ff647298522 31000->31020 31003 7ff647298737 31001->31003 31006 7ff6472719d0 57 API calls 31003->31006 31021 7ff64729873b 31003->31021 31004 7ff647298616 31012 7ff6472985cd 31004->31012 31148 7ff647299540 RegOpenKeyExW 31004->31148 31007 7ff64729874c 31006->31007 31017 7ff647297e10 49 API calls 31007->31017 31027 7ff6472989e5 31007->31027 31008 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31011 7ff6472989bf 31008->31011 31009->30984 31010 7ff647297e10 49 API calls 31010->31020 31011->30954 31012->31009 31014 7ff6472986ae 31012->31014 31013 7ff647271810 2 API calls 31015 7ff6472989f0 31013->31015 31246 7ff6472aa30c 47 API calls 2 library calls 31014->31246 31018 7ff647298776 31017->31018 31018->31021 31022 7ff6472719d0 57 API calls 31018->31022 31028 7ff64729882a 31018->31028 31019 7ff6472a8dac 53 API calls 31019->31020 31020->30988 31020->30993 31020->30999 31020->31000 31020->31010 31020->31012 31020->31019 31021->31008 31023 7ff647298800 31022->31023 31024 7ff6472989db 31023->31024 31025 7ff64729880c 31023->31025 31026 7ff647271810 2 API calls 31024->31026 31029 7ff647297e10 49 API calls 31025->31029 31026->31027 31027->31013 31028->31021 31165 7ff647298a00 31028->31165 31029->31028 31032 7ff6472989a3 LocalFree 31032->31021 31033 7ff647298974 RegSetValueExW RegCloseKey 31033->31032 31035 7ff6472993c3 31034->31035 31036 7ff6472992c2 31034->31036 31037 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31035->31037 31672 7ff647299030 31036->31672 31039 7ff6472993d2 31037->31039 31039->30959 31041 7ff6472993e0 13 API calls 31042 7ff6472992d7 31041->31042 31042->31035 31043 7ff6472992df RegOpenKeyExW 31042->31043 31044 7ff64729939e 31043->31044 31045 7ff64729930e RegQueryValueExW RegCloseKey 31043->31045 31048 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31044->31048 31045->31044 31046 7ff647299356 RegOpenKeyExW 31045->31046 31046->31044 31047 7ff647299381 RegDeleteValueW RegCloseKey 31046->31047 31047->31044 31049 7ff6472993bd 31048->31049 31049->30959 31050->30939 31051->30936 31053 7ff647297e39 31052->31053 31058 7ff647297ef6 31052->31058 31055 7ff647271f60 2 API calls 31053->31055 31057 7ff647297e46 __scrt_get_show_window_mode 31053->31057 31054 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31056 7ff647297f25 31054->31056 31055->31057 31056->30950 31057->31058 31059 7ff6472723e0 49 API calls 31057->31059 31058->31054 31059->31058 31061 7ff64729f659 31060->31061 31062 7ff64729720b 31061->31062 31063 7ff64729f6a4 IsProcessorFeaturePresent 31061->31063 31064 7ff64729f6bc 31063->31064 31697 7ff64729f778 RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 31064->31697 31066 7ff64729f6cf 31698 7ff64729f670 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 31066->31698 31070 7ff647271820 31069->31070 31699 7ff6472a1440 RtlPcToFileHeader RaiseException 31070->31699 31072 7ff647271831 31074 7ff64729f0ae 31073->31074 31075 7ff64729f0b3 ReleaseSRWLockExclusive 31074->31075 31077 7ff64729f0b8 SleepConditionVariableSRW 31074->31077 31077->31074 31078->30977 31081 7ff647297343 31080->31081 31082 7ff647297334 31080->31082 31084 7ff647297426 31081->31084 31247 7ff647273470 59 API calls 4 library calls 31081->31247 31083 7ff647297e10 49 API calls 31082->31083 31083->31081 31086 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31084->31086 31087 7ff647297489 31086->31087 31102 7ff647297f30 31087->31102 31088 7ff647297365 31088->31084 31089 7ff64729749c 31088->31089 31091 7ff6472973c6 31088->31091 31090 7ff647271810 2 API calls 31089->31090 31093 7ff6472974a6 31090->31093 31091->31084 31092 7ff6472973e9 31091->31092 31248 7ff647272090 31091->31248 31092->31093 31095 7ff64729740d BuildCatchObjectHelperInternal 31092->31095 31260 7ff6472aa410 11 API calls _set_fmode 31093->31260 31095->31084 31096 7ff6472974b7 31095->31096 31099 7ff647271810 2 API calls 31096->31099 31098 7ff6472974ac 31261 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31098->31261 31101 7ff6472974c1 31099->31101 31115 7ff647297f6d 31102->31115 31117 7ff647297f66 31102->31117 31103 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31104 7ff647298400 31103->31104 31104->31020 31105 7ff647298064 31269 7ff6472993e0 31105->31269 31108 7ff6472980cb 31279 7ff6472789a0 31108->31279 31114 7ff647298087 31114->31108 31315 7ff64727d120 61 API calls 4 library calls 31114->31315 31115->31105 31313 7ff64727d120 61 API calls 4 library calls 31115->31313 31117->31103 31132 7ff6472a8db9 31131->31132 31133 7ff6472a8ddd 31131->31133 31132->31133 31134 7ff6472a8dbe 31132->31134 31135 7ff6472a8e17 31133->31135 31138 7ff6472a8e36 31133->31138 31317 7ff6472aa410 11 API calls _set_fmode 31134->31317 31319 7ff6472aa410 11 API calls _set_fmode 31135->31319 31321 7ff6472a8cd0 31138->31321 31139 7ff6472a8dc3 31318 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31139->31318 31140 7ff6472a8e1c 31320 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31140->31320 31144 7ff6472a8dce 31144->31004 31145 7ff6472a8e27 31145->31004 31146 7ff6472b4fcc 53 API calls 31147 7ff6472a8e43 31146->31147 31147->31145 31147->31146 31149 7ff6472995ad __scrt_get_show_window_mode 31148->31149 31164 7ff647299752 31148->31164 31151 7ff6472995c6 RegQueryInfoKeyW 31149->31151 31150 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31152 7ff647299763 31150->31152 31153 7ff647299641 31151->31153 31154 7ff647299747 RegCloseKey 31151->31154 31152->31012 31153->31154 31155 7ff647299650 RegEnumKeyExW 31153->31155 31157 7ff6472719d0 57 API calls 31153->31157 31158 7ff6472997b2 31153->31158 31162 7ff6472a8dac 53 API calls 31153->31162 31163 7ff647299784 RegCloseKey 31153->31163 31332 7ff647297a60 31153->31332 31154->31164 31155->31153 31156 7ff64729968f UuidFromStringW 31155->31156 31156->31153 31157->31153 31159 7ff647271810 2 API calls 31158->31159 31160 7ff6472997bc 31159->31160 31160->31012 31162->31153 31163->31164 31164->31150 31166 7ff647298a53 31165->31166 31167 7ff647298a82 31165->31167 31168 7ff64729f098 3 API calls 31166->31168 31169 7ff647298abb 31167->31169 31171 7ff64729f098 3 API calls 31167->31171 31170 7ff647298a5f 31168->31170 31172 7ff647298af4 31169->31172 31174 7ff64729f098 3 API calls 31169->31174 31170->31167 31477 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31170->31477 31173 7ff647298a98 31171->31173 31177 7ff647298b51 31172->31177 31179 7ff64729f098 3 API calls 31172->31179 31173->31169 31478 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31173->31478 31176 7ff647298ad1 31174->31176 31176->31172 31479 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31176->31479 31180 7ff647298b8a 31177->31180 31183 7ff64729f098 3 API calls 31177->31183 31182 7ff647298b2e 31179->31182 31184 7ff64729f098 3 API calls 31180->31184 31191 7ff647298bc3 31180->31191 31182->31177 31480 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31182->31480 31185 7ff647298b67 31183->31185 31186 7ff647298ba0 31184->31186 31185->31180 31481 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31185->31481 31186->31191 31482 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31186->31482 31190 7ff647298cbf 31193 7ff647298cf8 31190->31193 31195 7ff64729f098 3 API calls 31190->31195 31191->31190 31192 7ff64729f098 3 API calls 31191->31192 31194 7ff647298c9c 31192->31194 31196 7ff647298d31 31193->31196 31198 7ff64729f098 3 API calls 31193->31198 31194->31190 31483 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31194->31483 31197 7ff647298cd5 31195->31197 31201 7ff647298d98 31196->31201 31204 7ff64729f098 3 API calls 31196->31204 31197->31193 31484 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31197->31484 31200 7ff647298d0e 31198->31200 31200->31196 31485 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31200->31485 31205 7ff647298dd1 31201->31205 31207 7ff64729f098 3 API calls 31201->31207 31206 7ff647298d75 31204->31206 31208 7ff64729f098 3 API calls 31205->31208 31214 7ff647298e0a 31205->31214 31206->31201 31486 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31206->31486 31209 7ff647298dae 31207->31209 31210 7ff647298de7 31208->31210 31209->31205 31487 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31209->31487 31210->31214 31488 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31210->31488 31215 7ff64729f098 3 API calls 31214->31215 31219 7ff647298f39 31214->31219 31216 7ff647298ed5 31215->31216 31216->31219 31462 7ff64729da10 31216->31462 31217 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31218 7ff64729892b RegCreateKeyExW 31217->31218 31218->31032 31218->31033 31219->31217 31223 7ff647298f2c 31490 7ff64729f02c AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 31223->31490 31227 7ff6472723f7 31225->31227 31226 7ff647271810 2 API calls 31229 7ff64727251d 31226->31229 31228 7ff647272450 31227->31228 31230 7ff647272370 49 API calls 31227->31230 31243 7ff64727249a BuildCatchObjectHelperInternal 31227->31243 31231 7ff6472724a4 31228->31231 31232 7ff647272462 31228->31232 31230->31228 31234 7ff6472724b1 31231->31234 31240 7ff64727248f __scrt_get_show_window_mode 31231->31240 31231->31243 31235 7ff64727247d 31232->31235 31236 7ff647272470 31232->31236 31232->31243 31233 7ff6472724ef 31233->30990 31669 7ff6472aa410 11 API calls _set_fmode 31234->31669 31239 7ff647272482 31235->31239 31235->31240 31667 7ff6472aa410 11 API calls _set_fmode 31236->31667 31668 7ff6472aa410 11 API calls _set_fmode 31239->31668 31240->31243 31670 7ff6472aa410 11 API calls _set_fmode 31240->31670 31241 7ff647272475 31671 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31241->31671 31243->31226 31243->31233 31247->31088 31249 7ff6472720bd 31248->31249 31262 7ff647271ad0 31249->31262 31251 7ff647272154 31268 7ff6472723d0 49 API calls 4 library calls 31251->31268 31253 7ff6472720d6 __scrt_get_show_window_mode 31255 7ff6472720f6 BuildCatchObjectHelperInternal 31253->31255 31266 7ff6472aa410 11 API calls _set_fmode 31253->31266 31254 7ff647272159 31255->31092 31257 7ff64727210c 31267 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31257->31267 31260->31098 31261->31096 31263 7ff647271b34 31262->31263 31264 7ff647271ae1 31262->31264 31263->31251 31263->31253 31264->31263 31265 7ff647271b22 RtlAllocateHeap 31264->31265 31265->31263 31266->31257 31267->31255 31268->31254 31270 7ff64729940c __scrt_get_show_window_mode 31269->31270 31271 7ff647299505 31269->31271 31270->31271 31274 7ff647299454 RegOpenKeyExW 31270->31274 31272 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31271->31272 31273 7ff64729807b 31272->31273 31273->31108 31314 7ff647297230 61 API calls std::_Throw_Cpp_error 31273->31314 31274->31271 31275 7ff647299486 RegQueryValueExW 31274->31275 31276 7ff6472994e0 RegCloseKey 31275->31276 31277 7ff6472994c9 RegCloseKey 31275->31277 31276->31271 31278 7ff6472994ee IIDFromString 31276->31278 31277->31271 31278->31271 31280 7ff6472719d0 57 API calls 31279->31280 31281 7ff6472789bb 31280->31281 31282 7ff647271810 2 API calls 31281->31282 31283 7ff647278c55 31282->31283 31284 7ff647271810 2 API calls 31283->31284 31285 7ff647278c60 31284->31285 31286 7ff6472719d0 57 API calls 31285->31286 31287 7ff647278c9d 31286->31287 31288 7ff647271810 2 API calls 31287->31288 31289 7ff647278f47 31288->31289 31290 7ff647271810 2 API calls 31289->31290 31291 7ff647278f52 31290->31291 31292 7ff6472719d0 57 API calls 31291->31292 31293 7ff647278f95 31292->31293 31294 7ff647271810 2 API calls 31293->31294 31295 7ff647279323 31294->31295 31296 7ff647271810 2 API calls 31295->31296 31297 7ff64727932e 31296->31297 31298 7ff6472719d0 57 API calls 31297->31298 31299 7ff64727934a 31298->31299 31300 7ff647271810 2 API calls 31299->31300 31301 7ff647279402 31300->31301 31302 7ff6472719d0 57 API calls 31301->31302 31303 7ff647279432 31302->31303 31304 7ff6472794de 31303->31304 31305 7ff64727943e 31303->31305 31306 7ff647271810 2 API calls 31304->31306 31309 7ff6472723e0 49 API calls 31305->31309 31312 7ff6472794a0 RegCreateKeyExW 31306->31312 31308 7ff647279673 31310 7ff647279491 31309->31310 31316 7ff6472798f0 RtlPcToFileHeader RaiseException 31310->31316 31312->31308 31313->31115 31314->31114 31315->31114 31316->31312 31317->31139 31318->31144 31319->31140 31320->31145 31322 7ff6472a8cf4 31321->31322 31323 7ff6472a8cef 31321->31323 31322->31323 31329 7ff6472b49f8 47 API calls 3 library calls 31322->31329 31323->31147 31325 7ff6472a8d0f 31330 7ff6472b3388 47 API calls 31325->31330 31327 7ff6472a8d32 31331 7ff6472b33f4 47 API calls 31327->31331 31329->31325 31330->31327 31331->31323 31333 7ff647297a7e 31332->31333 31334 7ff647297a9e 31333->31334 31335 7ff647297ac6 31333->31335 31336 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31334->31336 31337 7ff647297ad3 31335->31337 31373 7ff647271f60 31335->31373 31339 7ff647297aaf 31336->31339 31338 7ff6472719d0 57 API calls 31337->31338 31344 7ff647297ad8 __scrt_get_show_window_mode 31338->31344 31339->31153 31341 7ff647297e03 31342 7ff647271810 2 API calls 31341->31342 31343 7ff647297e0e 31342->31343 31344->31341 31345 7ff647297b04 StringFromGUID2 31344->31345 31346 7ff6472719d0 57 API calls 31345->31346 31347 7ff647297b43 31346->31347 31348 7ff647297dee 31347->31348 31349 7ff647297b4f 31347->31349 31350 7ff647271810 2 API calls 31348->31350 31352 7ff647297b86 31349->31352 31353 7ff647297b77 31349->31353 31351 7ff647297df8 31350->31351 31354 7ff647271810 2 API calls 31351->31354 31356 7ff6472723e0 49 API calls 31352->31356 31378 7ff6472721f0 56 API calls 6 library calls 31353->31378 31354->31341 31357 7ff647297b84 31356->31357 31357->31351 31359 7ff647297bd9 31357->31359 31379 7ff647272370 31357->31379 31359->31351 31360 7ff647272370 49 API calls 31359->31360 31362 7ff647297c79 31359->31362 31360->31362 31361 7ff647297ce5 31370 7ff6472726e0 31361->31370 31362->31351 31362->31361 31365 7ff647297d32 RegQueryValueExW 31366 7ff647297dc1 RegCloseKey 31365->31366 31367 7ff647297d78 RegCloseKey 31365->31367 31368 7ff647297d7e 31366->31368 31367->31368 31368->31366 31369 7ff6472723e0 49 API calls 31368->31369 31369->31368 31393 7ff647272820 31370->31393 31374 7ff647271f7d 31373->31374 31375 7ff647271f89 31373->31375 31374->31375 31376 7ff647271810 2 API calls 31374->31376 31375->31337 31377 7ff647271fdc 31376->31377 31378->31357 31380 7ff647272387 31379->31380 31382 7ff6472723c4 31380->31382 31459 7ff6472723d0 49 API calls 4 library calls 31380->31459 31382->31359 31383 7ff647271810 2 API calls 31384 7ff6472726d5 31383->31384 31385 7ff6472725b4 __crtLCMapStringW 31386 7ff647272370 49 API calls 31385->31386 31387 7ff647272653 __scrt_get_show_window_mode 31385->31387 31389 7ff647272675 BuildCatchObjectHelperInternal 31385->31389 31386->31387 31387->31389 31460 7ff6472aa410 11 API calls _set_fmode 31387->31460 31388 7ff64727269e 31388->31359 31389->31383 31389->31388 31391 7ff64727268b 31461 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31391->31461 31394 7ff647272848 std::_Throw_Cpp_error 31393->31394 31400 7ff64727299c 31393->31400 31415 7ff6472a8960 31394->31415 31395 7ff647271810 2 API calls 31396 7ff6472729a7 31395->31396 31398 7ff647272991 31399 7ff647271810 2 API calls 31398->31399 31399->31400 31400->31395 31401 7ff6472719d0 57 API calls 31403 7ff6472728a6 31401->31403 31403->31398 31404 7ff6472728e2 31403->31404 31405 7ff6472728d3 31403->31405 31408 7ff6472723e0 49 API calls 31404->31408 31447 7ff6472721f0 56 API calls 6 library calls 31405->31447 31407 7ff6472728e0 31409 7ff64727291c 31407->31409 31411 7ff647272370 49 API calls 31407->31411 31408->31407 31437 7ff6472a8bbc 31409->31437 31411->31409 31413 7ff6472726fd RegOpenKeyExW 31413->31365 31413->31368 31414 7ff647271810 2 API calls 31414->31398 31418 7ff6472a89ba 31415->31418 31416 7ff6472a89df 31448 7ff6472aa21c 47 API calls 2 library calls 31416->31448 31418->31416 31419 7ff6472a8a1b 31418->31419 31449 7ff6472a7a04 50 API calls _invalid_parameter_noinfo 31419->31449 31421 7ff6472a8a09 31423 7ff6472a8b7d 31421->31423 31453 7ff6472a7630 47 API calls 2 library calls 31421->31453 31429 7ff6472a8b93 31423->31429 31454 7ff6472a7630 47 API calls 2 library calls 31423->31454 31425 7ff6472a8ab6 31428 7ff6472a8afc 31425->31428 31431 7ff6472a8ad1 31425->31431 31432 7ff6472a8b22 31425->31432 31435 7ff6472a8ac8 31425->31435 31426 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31430 7ff647272871 31426->31430 31452 7ff6472b32ec 11 API calls 2 library calls 31428->31452 31429->31426 31430->31398 31430->31401 31430->31403 31450 7ff6472b32ec 11 API calls 2 library calls 31431->31450 31432->31428 31433 7ff6472a8b2c 31432->31433 31451 7ff6472b32ec 11 API calls 2 library calls 31433->31451 31435->31428 31435->31431 31438 7ff6472a8bf5 31437->31438 31441 7ff6472a8c38 31438->31441 31455 7ff6472a6184 50 API calls 3 library calls 31438->31455 31443 7ff6472a8c77 31441->31443 31456 7ff6472aa21c 47 API calls 2 library calls 31441->31456 31442 7ff6472a8c9d 31445 7ff647272943 31442->31445 31458 7ff6472a7630 47 API calls 2 library calls 31442->31458 31443->31442 31457 7ff6472a7630 47 API calls 2 library calls 31443->31457 31445->31413 31445->31414 31447->31407 31448->31421 31449->31425 31450->31421 31451->31421 31452->31421 31453->31423 31454->31429 31455->31441 31456->31443 31457->31442 31458->31445 31459->31385 31460->31391 31461->31389 31463 7ff6472719d0 57 API calls 31462->31463 31464 7ff64729da2c 31463->31464 31465 7ff64729dac3 31464->31465 31466 7ff64729da38 31464->31466 31467 7ff647271810 2 API calls 31465->31467 31491 7ff64729f38c 31466->31491 31468 7ff64729dacd 31467->31468 31552 7ff64729e4f0 31468->31552 31471 7ff64729da67 31473 7ff64729f38c std::_Throw_Cpp_error 61 API calls 31471->31473 31474 7ff64729da93 31473->31474 31517 7ff64729dc10 31474->31517 31489 7ff64729f338 50 API calls std::_Throw_Cpp_error 31489->31223 31493 7ff64729f397 31491->31493 31492 7ff64729f3b0 31492->31471 31493->31492 31495 7ff64729f3b6 31493->31495 31559 7ff6472b2e4c EnterCriticalSection LeaveCriticalSection _set_fmode 31493->31559 31496 7ff64729f3c1 31495->31496 31560 7ff64729fd6c RtlPcToFileHeader RaiseException _com_raise_error std::bad_alloc::bad_alloc 31495->31560 31561 7ff647272b40 49 API calls 2 library calls 31496->31561 31499 7ff64729f3c7 std::_Throw_Cpp_error 31562 7ff6472b3034 47 API calls 2 library calls 31499->31562 31501 7ff64729f3e4 std::_Throw_Cpp_error 31563 7ff64729f188 7 API calls 2 library calls 31501->31563 31503 7ff64729f3fc 31504 7ff64729f400 _RTC_Initialize 31503->31504 31505 7ff64729f473 31503->31505 31564 7ff64729f338 50 API calls std::_Throw_Cpp_error 31504->31564 31567 7ff64729fb1c 7 API calls 2 library calls 31505->31567 31507 7ff64729f47d std::_Throw_Cpp_error 31507->31471 31509 7ff64729f411 std::_Throw_Cpp_error 31565 7ff6472b24e8 48 API calls 4 library calls 31509->31565 31511 7ff64729f41d 31511->31505 31566 7ff64729fe40 InitializeSListHead 31511->31566 31518 7ff64729e4f0 47 API calls 31517->31518 31520 7ff64729dc5a 31518->31520 31519 7ff6472719d0 57 API calls 31521 7ff64729dcd2 31519->31521 31520->31519 31550 7ff64729e253 31521->31550 31568 7ff64729e270 31521->31568 31522 7ff647271810 2 API calls 31523 7ff64729e25e 31522->31523 31525 7ff647271810 2 API calls 31523->31525 31526 7ff64729e269 31525->31526 31528 7ff647272c40 49 API calls 31526->31528 31527 7ff64729ddd3 GetLogicalProcessorInformationEx 31531 7ff64729e11f GetActiveProcessorCount GetActiveProcessorGroupCount GetActiveProcessorCount 31527->31531 31532 7ff64729ddf0 GetLastError 31527->31532 31533 7ff64729e26f 31528->31533 31530 7ff64729dd36 31581 7ff6472aacf0 31530->31581 31544 7ff64729e14e 31531->31544 31532->31531 31536 7ff64729ddff 31532->31536 31534 7ff647272370 49 API calls 31534->31530 31538 7ff64729de07 GetLogicalProcessorInformationEx 31536->31538 31537 7ff64729e160 GetActiveProcessorCount 31537->31544 31539 7ff64729e10f 31538->31539 31546 7ff64729de28 31538->31546 31539->31531 31540 7ff64729e206 31542 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31540->31542 31541 7ff64729e1e0 GetActiveProcessorCount 31541->31544 31545 7ff647298f20 31542->31545 31543 7ff64729dd48 31543->31523 31543->31527 31544->31537 31544->31540 31544->31541 31545->31489 31546->31526 31546->31539 31547 7ff64729e24e 31546->31547 31549 7ff64729f38c 61 API calls std::_Throw_Cpp_error 31546->31549 31587 7ff64727d120 61 API calls 4 library calls 31546->31587 31588 7ff647272c40 31547->31588 31549->31546 31550->31522 31553 7ff64729dae8 31552->31553 31555 7ff64729e50c 31552->31555 31554 7ff64729e4f0 47 API calls 31554->31555 31555->31553 31555->31554 31556 7ff64729e5a0 31555->31556 31666 7ff6472aa30c 47 API calls 2 library calls 31556->31666 31559->31493 31561->31499 31562->31501 31563->31503 31564->31509 31565->31511 31567->31507 31569 7ff64729e280 __scrt_get_show_window_mode 31568->31569 31570 7ff64729e2cc RegOpenKeyExW 31569->31570 31580 7ff64729e2a6 31569->31580 31572 7ff64729e340 31570->31572 31573 7ff64729e2f7 RegQueryValueExW RegCloseKey 31570->31573 31577 7ff6472723e0 49 API calls 31572->31577 31573->31572 31574 7ff64729e389 31575 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31574->31575 31576 7ff64729dcfd 31575->31576 31576->31523 31576->31530 31576->31534 31576->31543 31578 7ff64729e368 31577->31578 31596 7ff647273600 31578->31596 31591 7ff647273910 31580->31591 31582 7ff6472aacf8 31581->31582 31583 7ff6472a8cd0 47 API calls 31582->31583 31584 7ff6472aad15 31583->31584 31609 7ff6472aaaf8 31584->31609 31587->31546 31659 7ff64729ed24 31588->31659 31592 7ff64727398d 31591->31592 31593 7ff647273930 31591->31593 31592->31574 31594 7ff6472723e0 49 API calls 31593->31594 31595 7ff64727393e 31593->31595 31594->31592 31595->31574 31597 7ff6472738a0 31596->31597 31600 7ff647273622 31596->31600 31597->31580 31598 7ff647273885 31598->31597 31599 7ff647271810 2 API calls 31598->31599 31601 7ff647273902 31599->31601 31600->31597 31600->31598 31602 7ff647272370 49 API calls 31600->31602 31604 7ff64727375d __scrt_get_show_window_mode BuildCatchObjectHelperInternal 31600->31604 31602->31604 31604->31598 31607 7ff6472aa410 11 API calls _set_fmode 31604->31607 31605 7ff6472738ed 31608 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31605->31608 31607->31605 31608->31598 31611 7ff6472aab4e __crtLCMapStringW 31609->31611 31613 7ff6472aab36 31609->31613 31612 7ff6472aab5e 31611->31612 31611->31613 31617 7ff6472aab47 31612->31617 31648 7ff6472b5618 6 API calls __crtLCMapStringW 31612->31648 31646 7ff6472aa410 11 API calls _set_fmode 31613->31646 31614 7ff6472aab3b 31647 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 31614->31647 31621 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31617->31621 31618 7ff6472aab88 31619 7ff6472aab8f 31618->31619 31620 7ff6472aabca 31618->31620 31649 7ff6472aa410 11 API calls _set_fmode 31619->31649 31622 7ff6472aabe5 31620->31622 31623 7ff6472aabd2 31620->31623 31625 7ff6472aacd6 31621->31625 31627 7ff6472aac9d 31622->31627 31629 7ff6472aac35 31622->31629 31635 7ff6472aac04 31622->31635 31651 7ff6472aa410 11 API calls _set_fmode 31623->31651 31625->31543 31656 7ff6472aa410 11 API calls _set_fmode 31627->31656 31628 7ff6472aab94 31650 7ff6472aa410 11 API calls _set_fmode 31628->31650 31652 7ff6472b3328 12 API calls _set_fmode 31629->31652 31633 7ff6472aac3d 31633->31635 31634 7ff6472aaca5 31657 7ff6472aa410 11 API calls _set_fmode 31634->31657 31635->31627 31637 7ff6472aac54 31635->31637 31653 7ff6472b5618 6 API calls __crtLCMapStringW 31637->31653 31639 7ff6472aac79 31641 7ff6472aac8f 31639->31641 31642 7ff6472aac7d 31639->31642 31640 7ff6472aac8b 31640->31617 31658 7ff6472b32ec 11 API calls 2 library calls 31640->31658 31655 7ff6472aa410 11 API calls _set_fmode 31641->31655 31654 7ff6472a9efc 47 API calls 2 library calls 31642->31654 31646->31614 31647->31617 31648->31618 31649->31628 31650->31617 31651->31614 31652->31633 31653->31639 31654->31640 31655->31640 31656->31634 31657->31640 31658->31617 31664 7ff64729eca0 47 API calls Concurrency::cancel_current_task 31659->31664 31661 7ff64729ed35 31665 7ff6472a1440 RtlPcToFileHeader RaiseException 31661->31665 31663 7ff64729ed46 31664->31661 31665->31663 31667->31241 31668->31241 31669->31241 31670->31241 31671->31243 31676 7ff647299072 31672->31676 31675 7ff6472990c8 RegQueryValueExW RegCloseKey 31675->31676 31677 7ff6472991b8 31675->31677 31676->31677 31680 7ff647278310 31676->31680 31678 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31677->31678 31679 7ff6472991ce 31678->31679 31679->31035 31679->31041 31681 7ff6472719d0 57 API calls 31680->31681 31682 7ff64727833c 31681->31682 31683 7ff647278348 31682->31683 31684 7ff647278434 31682->31684 31687 7ff64729f38c std::_Throw_Cpp_error 61 API calls 31683->31687 31685 7ff647271810 2 API calls 31684->31685 31686 7ff64727843e 31685->31686 31688 7ff64727836f 31687->31688 31689 7ff64729f38c std::_Throw_Cpp_error 61 API calls 31688->31689 31690 7ff64727839c 31689->31690 31691 7ff64729f38c std::_Throw_Cpp_error 61 API calls 31690->31691 31692 7ff6472783c9 31691->31692 31693 7ff64729f38c std::_Throw_Cpp_error 61 API calls 31692->31693 31694 7ff6472783f6 31693->31694 31695 7ff6472726e0 68 API calls 31694->31695 31696 7ff64727841d RegOpenKeyExW 31695->31696 31696->31675 31696->31676 31697->31066 31699->31072 31700 7ff647276bca RegQueryValueExW 31701 7ff647276c0b RegCloseKey 31700->31701 31702 7ff647276c13 RegCloseKey 31700->31702 31703 7ff647276c24 RegCreateKeyExW 31701->31703 31702->31703 31705 7ff647276cb5 31702->31705 31704 7ff647276ca2 SHChangeNotify 31703->31704 31704->31705 31710 7ff64727ff00 31705->31710 31709 7ff647276d13 31711 7ff6472719d0 57 API calls 31710->31711 31712 7ff64727ff3a 31711->31712 31713 7ff64727ff46 RegOpenKeyExW 31712->31713 31714 7ff6472802b4 31712->31714 31718 7ff64727ff89 RegQueryValueExW 31713->31718 31719 7ff64727ffe4 RegOpenKeyExW 31713->31719 31715 7ff647271810 2 API calls 31714->31715 31717 7ff6472802be 31715->31717 31720 7ff64727ffcb RegCloseKey 31718->31720 31721 7ff64727ffd3 RegCloseKey 31718->31721 31722 7ff647280018 RegQueryValueExW 31719->31722 31723 7ff647280271 31719->31723 31720->31719 31721->31719 31721->31723 31724 7ff64728026a RegCloseKey 31722->31724 31725 7ff64728005e RegCloseKey 31722->31725 31727 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31723->31727 31724->31723 31725->31723 31726 7ff64728006f 31725->31726 31729 7ff6472723e0 49 API calls 31726->31729 31728 7ff647276d0e 31727->31728 31741 7ff6472904d0 31728->31741 31730 7ff64728008d RegCreateKeyExW 31729->31730 31731 7ff6472800d4 RegSetValueExW RegCloseKey 31730->31731 31732 7ff647280121 RegOpenKeyExW 31730->31732 31731->31732 31733 7ff64728014c RegQueryValueExW RegCloseKey 31732->31733 31734 7ff6472801ca RegOpenKeyExW 31732->31734 31733->31734 31735 7ff647280184 RegOpenKeyExW 31733->31735 31734->31723 31736 7ff6472801f4 RegQueryValueExW RegCloseKey 31734->31736 31735->31734 31738 7ff6472801ad RegDeleteValueW RegCloseKey 31735->31738 31736->31723 31739 7ff64728022a RegOpenKeyExW 31736->31739 31738->31734 31739->31723 31740 7ff647280253 RegDeleteValueW 31739->31740 31740->31724 31742 7ff6472904dc 31741->31742 31743 7ff6472789a0 60 API calls 31742->31743 31744 7ff647290504 31743->31744 31745 7ff6472789a0 60 API calls 31744->31745 31758 7ff6472906da 31744->31758 31748 7ff647290520 31745->31748 31746 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31747 7ff647290719 31746->31747 31747->31709 31749 7ff6472719d0 57 API calls 31748->31749 31748->31758 31750 7ff647290541 31749->31750 31751 7ff647290722 31750->31751 31752 7ff64729054d 31750->31752 31753 7ff647271810 2 API calls 31751->31753 31767 7ff647290a20 RegOpenKeyExW 31752->31767 31754 7ff64729072c 31753->31754 31757 7ff647290a20 53 API calls 31759 7ff647290586 __scrt_get_show_window_mode 31757->31759 31758->31746 31759->31758 31760 7ff6472905b5 SHGetSpecialFolderPathW 31759->31760 31760->31758 31761 7ff6472905d4 SHGetSpecialFolderPathW 31760->31761 31761->31758 31762 7ff6472905f6 31761->31762 31762->31762 31763 7ff647290640 SHCreateDirectoryExW SHCreateDirectoryExW 31762->31763 31764 7ff647290680 31763->31764 31764->31764 31765 7ff6472906aa GetFileAttributesW 31764->31765 31765->31758 31766 7ff6472906bd MoveFileExW 31765->31766 31766->31758 31768 7ff647290a6f RegQueryValueExW 31767->31768 31769 7ff647290abc 31767->31769 31770 7ff647290adf RegCloseKey 31768->31770 31771 7ff647290ab6 RegCloseKey 31768->31771 31772 7ff647271f60 2 API calls 31769->31772 31773 7ff647290af1 31770->31773 31771->31769 31774 7ff647290ac4 31772->31774 31773->31773 31775 7ff6472723e0 49 API calls 31773->31775 31776 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31774->31776 31775->31774 31777 7ff64729056d 31776->31777 31777->31757 31777->31758 31778 7ff64728256a 32601 7ff6472749a0 GetUserDefaultUILanguage 31778->32601 31782 7ff647282581 31783 7ff647282588 31782->31783 31790 7ff6472825e6 31782->31790 32744 7ff647293590 117 API calls std::_Throw_Cpp_error 31783->32744 31785 7ff647282590 31786 7ff647282599 Sleep 31785->31786 31787 7ff6472825b4 31785->31787 31785->31790 31792 7ff6472825af 31785->31792 32745 7ff647293590 117 API calls std::_Throw_Cpp_error 31786->32745 31789 7ff64729f650 std::_Throw_Cpp_error 8 API calls 31787->31789 31791 7ff6472825c5 31789->31791 32653 7ff647271ed0 31790->32653 31792->31787 31792->31790 31795 7ff6472726e0 68 API calls 31796 7ff647282651 31795->31796 32659 7ff647271f30 31796->32659 31798 7ff64728265d 32664 7ff647292840 31798->32664 31800 7ff64728268e 31801 7ff647271f30 50 API calls 31800->31801 31802 7ff6472826a7 31801->31802 31803 7ff647292840 75 API calls 31802->31803 31804 7ff6472826d8 31803->31804 31805 7ff647292840 75 API calls 31804->31805 31806 7ff647282722 31805->31806 31807 7ff647292840 75 API calls 31806->31807 31808 7ff64728275e 31807->31808 31809 7ff647292840 75 API calls 31808->31809 31810 7ff64728279a 31809->31810 31811 7ff647292840 75 API calls 31810->31811 31812 7ff6472827d6 31811->31812 31813 7ff647292840 75 API calls 31812->31813 31814 7ff647282812 31813->31814 31815 7ff647292840 75 API calls 31814->31815 31816 7ff64728284e 31815->31816 31817 7ff647292840 75 API calls 31816->31817 31818 7ff64728288a 31817->31818 32696 7ff647294d30 31818->32696 31821 7ff647292840 75 API calls 31822 7ff6472828d9 31821->31822 31823 7ff647294d30 50 API calls 31822->31823 31824 7ff6472828f3 31823->31824 31825 7ff647292840 75 API calls 31824->31825 31826 7ff647282928 31825->31826 31827 7ff647294d30 50 API calls 31826->31827 31828 7ff647282942 31827->31828 31829 7ff647292840 75 API calls 31828->31829 31830 7ff647282977 31829->31830 31831 7ff647294d30 50 API calls 31830->31831 31832 7ff647282991 31831->31832 31833 7ff647292840 75 API calls 31832->31833 32602 7ff6472749c7 32601->32602 32603 7ff647274a05 32602->32603 32857 7ff64727ae40 32602->32857 32605 7ff6472719d0 57 API calls 32603->32605 32606 7ff647274a5a 32605->32606 32607 7ff647274e30 32606->32607 32610 7ff647271f60 2 API calls 32606->32610 32608 7ff647271810 2 API calls 32607->32608 32609 7ff647274e3b 32608->32609 32612 7ff647274a85 32610->32612 32611 7ff6472723e0 49 API calls 32613 7ff647274b18 32611->32613 32612->32611 32614 7ff6472719d0 57 API calls 32613->32614 32615 7ff647274b1d 32614->32615 32616 7ff647274e26 32615->32616 32618 7ff647274b29 32615->32618 32617 7ff647271810 2 API calls 32616->32617 32617->32607 32619 7ff6472723e0 49 API calls 32618->32619 32621 7ff647274b66 __scrt_get_show_window_mode 32618->32621 32619->32621 32620 7ff647274bcd GetModuleHandleW GetModuleFileNameW 32627 7ff647274bed 32620->32627 32621->32620 32622 7ff647274c57 LoadLibraryW 32623 7ff647274da2 32622->32623 32624 7ff647274c70 32622->32624 32888 7ff6472a9efc 47 API calls 2 library calls 32623->32888 32629 7ff6472723e0 49 API calls 32624->32629 32626 7ff6472723e0 49 API calls 32626->32622 32627->32622 32627->32626 32631 7ff647274c9b GetModuleHandleW GetModuleFileNameW 32629->32631 32630 7ff647274dbf 32635 7ff6472723e0 49 API calls 32630->32635 32632 7ff647274d30 LoadLibraryW 32631->32632 32637 7ff647274cc0 32631->32637 32633 7ff647274d4b 32632->32633 32634 7ff647274ddd EnterCriticalSection 32632->32634 32887 7ff647271e50 49 API calls 32633->32887 32643 7ff647282430 RegOpenKeyExW 32634->32643 32635->32634 32885 7ff6472aa90c 47 API calls 2 library calls 32637->32885 32638 7ff647274d5e 32641 7ff647274d6a LoadLibraryW MessageBoxW ExitProcess 32638->32641 32640 7ff647274d17 32886 7ff6472aa90c 47 API calls 2 library calls 32640->32886 32644 7ff647282476 RegQueryValueExW 32643->32644 32645 7ff6472824c3 32643->32645 32646 7ff6472824bd RegCloseKey 32644->32646 32647 7ff6472824d7 RegCloseKey 32644->32647 32648 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32645->32648 32646->32645 32647->32645 32650 7ff6472824e4 32647->32650 32649 7ff6472824d2 32648->32649 32649->31782 32651 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32650->32651 32652 7ff6472824f3 32651->32652 32652->31782 32654 7ff6472719d0 57 API calls 32653->32654 32655 7ff647271ede 32654->32655 32656 7ff647271ee6 32655->32656 32657 7ff647271810 2 API calls 32655->32657 32656->31795 32658 7ff647271f06 32657->32658 32660 7ff647271f42 32659->32660 32661 7ff647271f53 32659->32661 32662 7ff647272090 50 API calls 32660->32662 32661->31798 32663 7ff647271f4a 32662->32663 32663->31798 32665 7ff6472719d0 57 API calls 32664->32665 32669 7ff64729286b 32665->32669 32666 7ff647292aad 32667 7ff647271810 2 API calls 32666->32667 32668 7ff647292ab7 32667->32668 32669->32666 32670 7ff64729289c 32669->32670 32672 7ff6472928ab 32669->32672 32889 7ff6472721f0 56 API calls 6 library calls 32670->32889 32672->32672 32673 7ff6472723e0 49 API calls 32672->32673 32674 7ff6472928a9 32673->32674 32676 7ff6472928e2 32674->32676 32890 7ff647274510 61 API calls 3 library calls 32674->32890 32677 7ff6472719d0 57 API calls 32676->32677 32678 7ff647292928 32677->32678 32678->32666 32679 7ff647292960 32678->32679 32680 7ff647292951 32678->32680 32682 7ff6472723e0 49 API calls 32679->32682 32891 7ff6472721f0 56 API calls 6 library calls 32680->32891 32683 7ff64729295e 32682->32683 32685 7ff647292996 32683->32685 32892 7ff647274510 61 API calls 3 library calls 32683->32892 32686 7ff6472719d0 57 API calls 32685->32686 32687 7ff6472929dc 32686->32687 32687->32666 32688 7ff6472929e5 32687->32688 32689 7ff647292a05 32688->32689 32692 7ff647292a14 32688->32692 32893 7ff6472721f0 56 API calls 6 library calls 32689->32893 32690 7ff6472723e0 49 API calls 32693 7ff647292a12 32690->32693 32692->32690 32692->32692 32694 7ff647292a55 32693->32694 32894 7ff647274510 61 API calls 3 library calls 32693->32894 32694->31800 32697 7ff647294d56 std::_Throw_Cpp_error 32696->32697 32698 7ff6472a8bbc 50 API calls 32697->32698 32699 7ff6472828a4 32698->32699 32699->31821 32744->31785 32745->31785 32858 7ff64727ae74 32857->32858 32862 7ff64727ae7b 32857->32862 32859 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32858->32859 32861 7ff64727b2bd 32859->32861 32860 7ff6472719d0 57 API calls 32863 7ff64727ae98 32860->32863 32861->32603 32862->32860 32864 7ff64727b2d6 32863->32864 32865 7ff64727aea4 32863->32865 32866 7ff647271810 2 API calls 32864->32866 32868 7ff6472726e0 68 API calls 32865->32868 32867 7ff64727b2e0 32866->32867 32869 7ff64727aec9 RegCreateKeyExW 32868->32869 32870 7ff64727af42 RegCreateKeyExW 32869->32870 32871 7ff64727af0f RegSetValueExW RegCloseKey 32869->32871 32872 7ff64727afb7 RegCreateKeyExW 32870->32872 32873 7ff64727af82 RegSetValueExW RegCloseKey 32870->32873 32871->32870 32874 7ff64727affb RegSetValueExW RegCloseKey 32872->32874 32875 7ff64727b030 RegCreateKeyExW 32872->32875 32873->32872 32874->32875 32876 7ff64727b0a9 RegCreateKeyExW 32875->32876 32877 7ff64727b074 RegSetValueExW RegCloseKey 32875->32877 32878 7ff64727b0ed RegSetValueExW RegCloseKey 32876->32878 32879 7ff64727b122 RegCreateKeyExW 32876->32879 32877->32876 32878->32879 32880 7ff64727b19b RegCreateKeyExW 32879->32880 32881 7ff64727b166 RegSetValueExW RegCloseKey 32879->32881 32882 7ff64727b1e6 RegSetValueExW RegCloseKey 32880->32882 32883 7ff64727b215 RegCreateKeyExW 32880->32883 32881->32880 32882->32883 32883->32858 32884 7ff64727b259 RegSetValueExW RegCloseKey 32883->32884 32884->32858 32885->32640 32886->32632 32887->32638 32888->32630 32889->32674 32890->32676 32891->32683 32892->32685 32893->32693 32894->32694 32904 7ff6472897c9 32927 7ff647293770 32904->32927 32906 7ff6472897d8 32907 7ff647289822 32906->32907 32908 7ff6472897e5 Sleep 32906->32908 32909 7ff647289807 LeaveCriticalSection 32906->32909 32910 7ff64728982e GetFileAttributesW 32907->32910 32911 7ff647293770 117 API calls 32908->32911 32912 7ff64728fd9b 32909->32912 32913 7ff647289848 32910->32913 32914 7ff64728983c 32910->32914 32915 7ff6472897fe 32911->32915 32916 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32912->32916 32960 7ff647281bb0 32913->32960 32940 7ff6472818a0 32914->32940 32915->32906 32919 7ff647289802 32915->32919 32920 7ff64728fdd6 32916->32920 32919->32907 32919->32909 32921 7ff647289866 32922 7ff647271ed0 59 API calls 32921->32922 32923 7ff6472898c9 32922->32923 32966 7ff647290fd0 32923->32966 32928 7ff6472719d0 57 API calls 32927->32928 32929 7ff647293793 32928->32929 32930 7ff64729379f 32929->32930 32931 7ff647293832 32929->32931 33084 7ff647290b10 32930->33084 32932 7ff647271810 2 API calls 32931->32932 32933 7ff64729383c 32932->32933 32935 7ff6472937b8 32936 7ff6472937e5 GetFileAttributesW 32935->32936 32937 7ff647293807 32936->32937 32938 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32937->32938 32939 7ff647293822 32938->32939 32939->32906 32941 7ff647271f60 2 API calls 32940->32941 32942 7ff6472818bf RegCreateKeyExW 32941->32942 32943 7ff647281a9d 32942->32943 32944 7ff647281a34 RegQueryValueExW 32942->32944 33263 7ff647290e50 32943->33263 32945 7ff647281a76 32944->32945 32946 7ff647281a92 RegCloseKey 32944->32946 32945->32946 32948 7ff647281a7d RegCloseKey 32945->32948 32946->32943 32948->32943 32950 7ff6472723e0 49 API calls 32951 7ff647281b47 32950->32951 32952 7ff647271f60 2 API calls 32951->32952 32953 7ff647281b78 32952->32953 33288 7ff647292c70 32953->33288 32961 7ff647281bcd 32960->32961 32964 7ff6472822a1 32961->32964 33352 7ff64728ff80 47 API calls _invalid_parameter_noinfo_noreturn 32961->33352 33345 7ff647294fb0 32964->33345 32970 7ff647291026 __scrt_get_show_window_mode 32966->32970 33057 7ff64729192d 32966->33057 32967 7ff64729f650 std::_Throw_Cpp_error 8 API calls 32968 7ff6472898f7 LeaveCriticalSection 32967->32968 32968->32912 32969 7ff6472910eb 32971 7ff6472719d0 57 API calls 32969->32971 32970->32969 32973 7ff647291091 GetVolumeNameForVolumeMountPointW 32970->32973 32975 7ff647291079 32970->32975 32970->33057 32972 7ff6472910f0 32971->32972 32974 7ff647291d11 32972->32974 32979 7ff6472719d0 57 API calls 32972->32979 32973->32975 32976 7ff647271810 2 API calls 32974->32976 32978 7ff6472723e0 49 API calls 32975->32978 32977 7ff647291d1c 32976->32977 32980 7ff647271810 2 API calls 32977->32980 32978->32969 32981 7ff647291112 32979->32981 32982 7ff647291d27 32980->32982 32981->32977 32985 7ff6472719d0 57 API calls 32981->32985 32983 7ff647271810 2 API calls 32982->32983 32984 7ff647291d32 32983->32984 32986 7ff647291134 32985->32986 32986->32982 32989 7ff647291146 CreateFileW 32986->32989 32991 7ff6472912f8 GetFileSize 32989->32991 32992 7ff647291188 32989->32992 32996 7ff6472719d0 57 API calls 32992->32996 33025 7ff6472911f8 32992->33025 33057->32967 33085 7ff647290b49 __scrt_get_show_window_mode 33084->33085 33086 7ff6472719d0 57 API calls 33085->33086 33087 7ff647290b4e 33086->33087 33088 7ff647290c47 33087->33088 33089 7ff647290b5a 33087->33089 33090 7ff647271810 2 API calls 33088->33090 33100 7ff647290110 33089->33100 33091 7ff647290c51 33090->33091 33094 7ff647272090 50 API calls 33095 7ff647290b8b 33094->33095 33096 7ff6472723e0 49 API calls 33095->33096 33097 7ff647290c08 33096->33097 33098 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33097->33098 33099 7ff647290c32 33098->33099 33099->32935 33101 7ff64729ed60 14 API calls 33100->33101 33102 7ff64729014e 33101->33102 33104 7ff647290498 33102->33104 33106 7ff6472719d0 57 API calls 33102->33106 33118 7ff64729048d 33102->33118 33226 7ff64729eb3c 61 API calls 2 library calls 33104->33226 33107 7ff64729016b 33106->33107 33108 7ff6472904ad 33107->33108 33156 7ff647293040 33107->33156 33109 7ff647271810 2 API calls 33108->33109 33110 7ff6472904b8 33109->33110 33112 7ff647271810 2 API calls 33110->33112 33114 7ff6472904c3 33112->33114 33115 7ff647290482 33117 7ff647271810 2 API calls 33115->33117 33116 7ff6472a8dac 53 API calls 33120 7ff6472901ad 33116->33120 33117->33118 33225 7ff64729eb3c 61 API calls 2 library calls 33118->33225 33119 7ff6472719d0 57 API calls 33121 7ff64729021e 33119->33121 33122 7ff6472901d8 33120->33122 33123 7ff6472723e0 49 API calls 33120->33123 33121->33115 33124 7ff647290249 33121->33124 33125 7ff64729029c 33121->33125 33122->33119 33123->33122 33129 7ff6472723e0 49 API calls 33124->33129 33132 7ff647290264 33124->33132 33126 7ff647290a20 53 API calls 33125->33126 33127 7ff6472902ad 33126->33127 33131 7ff647290a20 53 API calls 33127->33131 33127->33132 33128 7ff647290730 78 API calls 33138 7ff6472902e5 33128->33138 33129->33132 33130 7ff647290349 33133 7ff6472719d0 57 API calls 33130->33133 33135 7ff6472902c2 33131->33135 33132->33128 33132->33138 33136 7ff647290358 33133->33136 33134 7ff647290478 33137 7ff647271810 2 API calls 33134->33137 33135->33132 33193 7ff647290730 33135->33193 33136->33110 33139 7ff647290364 33136->33139 33137->33115 33138->33130 33138->33134 33140 7ff64729033b 33138->33140 33142 7ff647272370 49 API calls 33138->33142 33143 7ff647293040 94 API calls 33139->33143 33140->33130 33140->33134 33142->33140 33144 7ff64729037d 33143->33144 33145 7ff6472903b3 33144->33145 33146 7ff64729038c 33144->33146 33147 7ff6472726e0 68 API calls 33145->33147 33148 7ff6472726e0 68 API calls 33146->33148 33149 7ff6472903b1 33147->33149 33148->33149 33150 7ff647273910 49 API calls 33149->33150 33151 7ff6472903f0 33149->33151 33150->33151 33152 7ff64729ed68 ReleaseSRWLockExclusive 33151->33152 33153 7ff64729044f 33152->33153 33154 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33153->33154 33155 7ff64729045e 33154->33155 33155->33094 33155->33095 33157 7ff647293058 33156->33157 33158 7ff647271f60 2 API calls 33157->33158 33159 7ff647293078 33158->33159 33227 7ff64727fdf0 33159->33227 33162 7ff6472930d3 GetFileSize 33165 7ff6472930f3 33162->33165 33166 7ff64729320a 33162->33166 33163 7ff6472930c6 33164 7ff647271f60 2 API calls 33163->33164 33174 7ff6472930ce 33164->33174 33165->33166 33168 7ff6472930fe 33165->33168 33167 7ff647271f60 2 API calls 33166->33167 33169 7ff647293212 CloseHandle 33167->33169 33170 7ff647293102 33168->33170 33171 7ff64729311b __scrt_get_show_window_mode 33168->33171 33169->33174 33172 7ff647271f60 2 API calls 33170->33172 33173 7ff64729312d ReadFile 33171->33173 33175 7ff64729310a CloseHandle 33172->33175 33173->33169 33176 7ff647293155 33173->33176 33177 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33174->33177 33175->33174 33179 7ff6472723e0 49 API calls 33176->33179 33178 7ff647290190 33177->33178 33178->33115 33178->33116 33180 7ff647293178 33179->33180 33181 7ff647273600 49 API calls 33180->33181 33182 7ff64729318e 33181->33182 33183 7ff647273600 49 API calls 33182->33183 33184 7ff6472931a4 33183->33184 33185 7ff647273600 49 API calls 33184->33185 33186 7ff6472931ba 33185->33186 33187 7ff647273600 49 API calls 33186->33187 33188 7ff6472931d0 33187->33188 33189 7ff647273600 49 API calls 33188->33189 33190 7ff6472931e6 33189->33190 33191 7ff647273600 49 API calls 33190->33191 33192 7ff6472931fc CloseHandle 33191->33192 33192->33174 33194 7ff6472719d0 57 API calls 33193->33194 33195 7ff647290765 33194->33195 33196 7ff647290771 33195->33196 33197 7ff647290a04 33195->33197 33200 7ff647290a20 53 API calls 33196->33200 33198 7ff647271810 2 API calls 33197->33198 33199 7ff647290a0e 33198->33199 33202 7ff647271810 2 API calls 33199->33202 33201 7ff647290791 33200->33201 33204 7ff647290a20 53 API calls 33201->33204 33209 7ff6472908b4 33201->33209 33203 7ff647290a19 33202->33203 33205 7ff6472907b8 33204->33205 33206 7ff6472907c1 33205->33206 33205->33209 33246 7ff64727b6f0 RegOpenKeyExW 33206->33246 33208 7ff6472907c6 __scrt_get_show_window_mode 33210 7ff6472907db SHGetSpecialFolderPathW 33208->33210 33212 7ff6472723e0 49 API calls 33209->33212 33220 7ff647290898 33209->33220 33213 7ff6472908a2 33210->33213 33214 7ff647290804 SHCreateDirectoryExW 33210->33214 33211 7ff6472909b3 33216 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33211->33216 33212->33220 33215 7ff647271f60 2 API calls 33213->33215 33217 7ff647290820 33214->33217 33215->33220 33218 7ff6472909e7 33216->33218 33217->33217 33219 7ff64729082a SHCreateDirectoryExW 33217->33219 33218->33132 33223 7ff647290863 33219->33223 33220->33199 33220->33211 33221 7ff6472909ab 33220->33221 33222 7ff647272370 49 API calls 33220->33222 33221->33199 33221->33211 33222->33221 33224 7ff6472723e0 49 API calls 33223->33224 33224->33220 33225->33104 33226->33108 33228 7ff6472719d0 57 API calls 33227->33228 33229 7ff64727fe1e 33228->33229 33230 7ff64727fee7 33229->33230 33233 7ff647290730 78 API calls 33229->33233 33231 7ff647271810 2 API calls 33230->33231 33232 7ff64727fef2 33231->33232 33234 7ff64727fe43 33233->33234 33235 7ff6472719d0 57 API calls 33234->33235 33236 7ff64727fe4d 33235->33236 33237 7ff64727fedd 33236->33237 33239 7ff64727fe59 33236->33239 33238 7ff647271810 2 API calls 33237->33238 33238->33230 33240 7ff647272090 50 API calls 33239->33240 33243 7ff64727fe86 33239->33243 33240->33243 33241 7ff6472726e0 68 API calls 33242 7ff64727fea4 33241->33242 33244 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33242->33244 33243->33241 33245 7ff64727fed2 CreateFileW 33244->33245 33245->33162 33245->33163 33247 7ff64727b7d2 33246->33247 33248 7ff64727b741 RegOpenKeyExW 33246->33248 33251 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33247->33251 33249 7ff64727b778 RegQueryValueExW 33248->33249 33250 7ff64727b7c5 RegCloseKey 33248->33250 33252 7ff64727b7f3 RegCloseKey 33249->33252 33253 7ff64727b7bf RegCloseKey 33249->33253 33250->33247 33254 7ff64727b7ea 33251->33254 33252->33250 33255 7ff64727b7ff 33252->33255 33253->33250 33254->33208 33256 7ff64727b80c LoadStringW 33255->33256 33257 7ff64727b89b RegCloseKey 33255->33257 33258 7ff64727b835 33256->33258 33259 7ff64727b881 MessageBoxW 33256->33259 33257->33247 33260 7ff64727b852 GetModuleHandleW LoadStringW 33258->33260 33261 7ff64727b83e LoadLibraryW 33258->33261 33259->33257 33260->33259 33262 7ff64727b87c 33260->33262 33261->33260 33262->33259 33264 7ff647290e77 33263->33264 33265 7ff647290e6c GetFileAttributesW 33263->33265 33296 7ff647290c60 33264->33296 33265->33264 33266 7ff647290e98 33265->33266 33268 7ff647290ecf 33266->33268 33269 7ff647290ec4 GetFileAttributesW 33266->33269 33271 7ff647290c60 68 API calls 33268->33271 33269->33268 33283 7ff647290ef0 33269->33283 33270 7ff647290e88 33272 7ff647273910 49 API calls 33270->33272 33273 7ff647290ee0 33271->33273 33272->33266 33276 7ff647273910 49 API calls 33273->33276 33274 7ff647290f27 33277 7ff647290c60 68 API calls 33274->33277 33275 7ff647290f1c GetFileAttributesW 33275->33274 33286 7ff647290f48 33275->33286 33276->33283 33280 7ff647290f38 33277->33280 33278 7ff647290f7f 33282 7ff647290c60 68 API calls 33278->33282 33279 7ff647290f74 GetFileAttributesW 33279->33278 33281 7ff647281ae6 33279->33281 33284 7ff647273910 49 API calls 33280->33284 33281->32950 33285 7ff647290f90 33282->33285 33283->33274 33283->33275 33284->33286 33287 7ff647273910 49 API calls 33285->33287 33286->33278 33286->33279 33287->33281 33289 7ff647292cc1 33288->33289 33297 7ff6472719d0 57 API calls 33296->33297 33298 7ff647290c9e 33297->33298 33299 7ff647290e37 33298->33299 33300 7ff647290caa GetModuleHandleW GetModuleFileNameW 33298->33300 33301 7ff647271810 2 API calls 33299->33301 33304 7ff647290d7b SHGetSpecialFolderPathW 33300->33304 33315 7ff647290cee 33300->33315 33302 7ff647290e41 33301->33302 33305 7ff647290e77 33302->33305 33306 7ff647290e6c GetFileAttributesW 33302->33306 33307 7ff647290e08 33304->33307 33308 7ff647290d98 33304->33308 33310 7ff647290c60 59 API calls 33305->33310 33306->33305 33309 7ff647290e98 33306->33309 33311 7ff647271f60 2 API calls 33307->33311 33317 7ff6472723e0 49 API calls 33308->33317 33312 7ff647290ecf 33309->33312 33313 7ff647290ec4 GetFileAttributesW 33309->33313 33314 7ff647290e88 33310->33314 33316 7ff647290e10 33311->33316 33319 7ff647290c60 59 API calls 33312->33319 33313->33312 33318 7ff647290ef0 33313->33318 33320 7ff647273910 49 API calls 33314->33320 33326 7ff6472723e0 49 API calls 33315->33326 33321 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33316->33321 33339 7ff647290db7 33317->33339 33323 7ff647290f27 33318->33323 33324 7ff647290f1c GetFileAttributesW 33318->33324 33322 7ff647290ee0 33319->33322 33320->33309 33325 7ff647290e24 33321->33325 33327 7ff647273910 49 API calls 33322->33327 33329 7ff647290c60 59 API calls 33323->33329 33324->33323 33328 7ff647290f48 33324->33328 33325->33270 33338 7ff647290d47 33326->33338 33327->33318 33330 7ff647290f7f 33328->33330 33331 7ff647290f74 GetFileAttributesW 33328->33331 33332 7ff647290f38 33329->33332 33334 7ff647290c60 59 API calls 33330->33334 33331->33330 33333 7ff647290fa0 33331->33333 33335 7ff647273910 49 API calls 33332->33335 33333->33270 33335->33328 33340 7ff647290d69 GetFileAttributesW 33338->33340 33339->33339 33341 7ff647290dfa GetFileAttributesW 33339->33341 33340->33304 33340->33316 33341->33307 33341->33316 33347 7ff647294fcc 33345->33347 33349 7ff647282404 33345->33349 33346 7ff647294fb0 47 API calls 33346->33347 33347->33346 33348 7ff647295067 33347->33348 33347->33349 33353 7ff6472aa30c 47 API calls 2 library calls 33348->33353 33349->32921 33352->32961 33408 7ff647276030 33409 7ff6472719d0 57 API calls 33408->33409 33413 7ff647276052 33409->33413 33410 7ff647271810 2 API calls 33411 7ff6472765d9 33410->33411 33412 7ff647271810 2 API calls 33411->33412 33415 7ff6472765e4 33412->33415 33414 7ff6472723e0 49 API calls 33413->33414 33416 7ff6472760ba 33413->33416 33414->33416 33422 7ff6472aa30c 47 API calls 2 library calls 33415->33422 33416->33410 33423 7ff64727d550 33424 7ff6472719d0 57 API calls 33423->33424 33425 7ff64727d57a 33424->33425 33426 7ff64727d756 33425->33426 33427 7ff64727d586 33425->33427 33428 7ff647271810 2 API calls 33426->33428 33430 7ff64727d5bc 33427->33430 33432 7ff64727d5ad 33427->33432 33429 7ff64727d760 33428->33429 33431 7ff647271810 2 API calls 33429->33431 33433 7ff6472723e0 49 API calls 33430->33433 33434 7ff64727d76b 33431->33434 33447 7ff6472721f0 56 API calls 6 library calls 33432->33447 33437 7ff64727d5ba 33433->33437 33436 7ff64727d60b 33439 7ff6472aacf0 54 API calls 33436->33439 33437->33429 33437->33436 33438 7ff647272370 49 API calls 33437->33438 33438->33436 33440 7ff64727d61e 33439->33440 33440->33429 33445 7ff64727d627 33440->33445 33441 7ff64727d719 33442 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33441->33442 33444 7ff64727d745 33442->33444 33443 7ff64727d6f8 SHDeleteKeyW 33443->33441 33446 7ff64727d708 RegDeleteKeyW 33443->33446 33445->33441 33445->33443 33446->33441 33447->33437 33448 7ff64727f290 33499 7ff64729fab0 33448->33499 33452 7ff64727f334 __scrt_get_show_window_mode 33454 7ff64727f348 RegOpenKeyExW 33452->33454 33453 7ff64727f2f1 33501 7ff64727f650 33453->33501 33455 7ff64727f3c9 33454->33455 33456 7ff64727f37e RegQueryValueExW RegCloseKey 33454->33456 33457 7ff6472719d0 57 API calls 33455->33457 33498 7ff64727f59f 33455->33498 33456->33455 33459 7ff64727f3dc 33457->33459 33458 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33460 7ff64727f606 33458->33460 33461 7ff64727f638 33459->33461 33464 7ff64727f40d 33459->33464 33465 7ff64727f41c 33459->33465 33462 7ff647271810 2 API calls 33461->33462 33463 7ff64727f643 33462->33463 33466 7ff647271810 2 API calls 33463->33466 33556 7ff6472721f0 56 API calls 6 library calls 33464->33556 33470 7ff6472723e0 49 API calls 33465->33470 33468 7ff64727f64e 33466->33468 33469 7ff64727f41a 33471 7ff6472719d0 57 API calls 33469->33471 33470->33469 33472 7ff64727f442 33471->33472 33472->33463 33473 7ff64727f46f 33472->33473 33474 7ff64727f47e 33472->33474 33557 7ff6472721f0 56 API calls 6 library calls 33473->33557 33476 7ff6472723e0 49 API calls 33474->33476 33477 7ff64727f47c 33476->33477 33479 7ff647272370 49 API calls 33477->33479 33481 7ff64727f4c8 33477->33481 33492 7ff64727f62d 33477->33492 33478 7ff647271810 2 API calls 33478->33461 33479->33481 33480 7ff6472aacf0 54 API calls 33483 7ff64727f4db 33480->33483 33481->33480 33482 7ff64727f517 33484 7ff6472aacf0 54 API calls 33482->33484 33483->33482 33485 7ff647272370 49 API calls 33483->33485 33483->33492 33486 7ff64727f52a 33484->33486 33485->33482 33487 7ff6472719d0 57 API calls 33486->33487 33486->33492 33488 7ff64727f540 33487->33488 33489 7ff64727f54c 33488->33489 33490 7ff64727f623 33488->33490 33493 7ff6472726e0 68 API calls 33489->33493 33491 7ff647271810 2 API calls 33490->33491 33491->33492 33492->33478 33494 7ff64727f578 33493->33494 33495 7ff647273600 49 API calls 33494->33495 33496 7ff64727f590 33495->33496 33546 7ff64727d460 RegCreateKeyExW 33496->33546 33498->33458 33500 7ff64727f2b6 GetModuleHandleW GetModuleFileNameW 33499->33500 33500->33453 33502 7ff64729fab0 33501->33502 33503 7ff64727f676 GetModuleHandleW GetModuleFileNameW 33502->33503 33507 7ff64727f6b1 __scrt_get_show_window_mode 33503->33507 33504 7ff64727f703 GetEnvironmentVariableW RegOpenKeyExW 33505 7ff64727f753 RegQueryValueExW RegCloseKey 33504->33505 33506 7ff64727f79e 33504->33506 33505->33506 33509 7ff6472719d0 57 API calls 33506->33509 33545 7ff64727f942 33506->33545 33507->33504 33508 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33510 7ff64727f98a 33508->33510 33511 7ff64727f7b1 33509->33511 33510->33452 33512 7ff64727f9bc 33511->33512 33515 7ff64727f7e2 33511->33515 33516 7ff64727f7f1 33511->33516 33513 7ff647271810 2 API calls 33512->33513 33514 7ff64727f9c7 33513->33514 33558 7ff6472721f0 56 API calls 6 library calls 33515->33558 33518 7ff6472723e0 49 API calls 33516->33518 33519 7ff64727f7ef 33518->33519 33520 7ff6472719d0 57 API calls 33519->33520 33521 7ff64727f82b 33520->33521 33522 7ff64727f9a7 33521->33522 33523 7ff64727f837 33521->33523 33524 7ff647271810 2 API calls 33522->33524 33526 7ff6472726e0 68 API calls 33523->33526 33525 7ff64727f9b1 33524->33525 33528 7ff647271810 2 API calls 33525->33528 33527 7ff64727f85c 33526->33527 33529 7ff647273600 49 API calls 33527->33529 33528->33512 33530 7ff64727f875 33529->33530 33531 7ff647273600 49 API calls 33530->33531 33532 7ff64727f88b 33531->33532 33532->33525 33533 7ff64727f8b1 33532->33533 33534 7ff647272370 49 API calls 33532->33534 33535 7ff6472aacf0 54 API calls 33533->33535 33534->33533 33536 7ff64727f8c4 33535->33536 33536->33525 33537 7ff64727f8cd 33536->33537 33538 7ff647273600 49 API calls 33537->33538 33539 7ff64727f8e9 33538->33539 33540 7ff647273600 49 API calls 33539->33540 33541 7ff64727f91f 33540->33541 33542 7ff647273600 49 API calls 33541->33542 33543 7ff64727f933 33542->33543 33544 7ff64727d460 12 API calls 33543->33544 33544->33545 33545->33508 33547 7ff64727d516 33546->33547 33548 7ff64727d4c2 RegSetValueExW 33546->33548 33549 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33547->33549 33552 7ff64727d52b RegCloseKey 33548->33552 33553 7ff64727d510 RegCloseKey 33548->33553 33551 7ff64727d525 33549->33551 33551->33498 33554 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33552->33554 33553->33547 33555 7ff64727d540 33554->33555 33555->33498 33556->33469 33557->33477 33558->33519 33559 7ff64727b2f0 33560 7ff647278310 77 API calls 33559->33560 33561 7ff64727b349 33560->33561 33562 7ff647278310 77 API calls 33561->33562 33563 7ff64727b37e 33562->33563 33564 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33563->33564 33565 7ff64727b529 33564->33565 33566 7ff6472794f0 RegCreateKeyExW 33567 7ff64727955a RegQueryValueExW 33566->33567 33568 7ff6472795af 33566->33568 33569 7ff64727959c 33567->33569 33570 7ff6472795a4 RegCloseKey 33567->33570 33571 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33568->33571 33569->33570 33570->33568 33572 7ff6472795bf 33571->33572 33573 7ff64727c8d0 33583 7ff6472bd490 33573->33583 33576 7ff64727c974 GetStartupInfoW CreateProcessW 33577 7ff64727c9c7 33576->33577 33578 7ff64727c9c3 33576->33578 33577->33578 33579 7ff64727c9d1 CloseHandle 33577->33579 33581 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33578->33581 33579->33578 33580 7ff64727c92c 33580->33576 33582 7ff64727c9ec 33581->33582 33584 7ff64727c907 GetModuleHandleW GetModuleFileNameW 33583->33584 33584->33576 33584->33580 33585 7ff64727cb10 SHGetSpecialFolderPathW 33586 7ff64727cb9a GetModuleHandleW GetModuleFileNameW 33585->33586 33587 7ff64727cb67 CreateDirectoryW 33585->33587 33589 7ff64727cbf2 33586->33589 33593 7ff64727cbba 33586->33593 33619 7ff6472aafa4 33587->33619 33590 7ff6472719d0 57 API calls 33589->33590 33592 7ff64727cbf7 33590->33592 33594 7ff64727cea5 33592->33594 33595 7ff64727cc03 33592->33595 33593->33589 33596 7ff647271810 2 API calls 33594->33596 33598 7ff64727cc24 33595->33598 33599 7ff64727cc33 33595->33599 33597 7ff64727ceaf 33596->33597 33621 7ff6472721f0 56 API calls 6 library calls 33598->33621 33601 7ff6472723e0 49 API calls 33599->33601 33602 7ff64727cc31 33601->33602 33603 7ff64727cc95 DeleteFileW 33602->33603 33604 7ff64727ccac 33603->33604 33606 7ff64727ccba 33603->33606 33605 7ff6472723e0 49 API calls 33604->33605 33604->33606 33605->33606 33607 7ff64727cd25 DeleteFileW 33606->33607 33608 7ff64727cd3c 33607->33608 33610 7ff64727cd4a 33607->33610 33609 7ff6472723e0 49 API calls 33608->33609 33608->33610 33609->33610 33611 7ff64727cdb5 DeleteFileW 33610->33611 33612 7ff64727cdcc 33611->33612 33614 7ff64727cdda 33611->33614 33613 7ff6472723e0 49 API calls 33612->33613 33612->33614 33613->33614 33615 7ff64727ce39 DeleteFileW 33614->33615 33616 7ff64727ce58 33615->33616 33617 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33616->33617 33618 7ff64727ce88 33617->33618 33620 7ff64727cb8b CreateDirectoryW 33619->33620 33620->33589 33621->33602 33622 7ff64728976d 33623 7ff6472749a0 102 API calls 33622->33623 33624 7ff647289774 EnterCriticalSection 33623->33624 33631 7ff647290020 13 API calls std::_Throw_Cpp_error 33624->33631 33626 7ff64728978e LeaveCriticalSection 33628 7ff64728fdc7 33626->33628 33629 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33628->33629 33630 7ff64728fdd6 33629->33630 33631->33626 33632 7ff64729f4ac 33655 7ff64729f14c 33632->33655 33635 7ff64729f5f8 33685 7ff64729fb1c 7 API calls 2 library calls 33635->33685 33636 7ff64729f4c8 33638 7ff64729f602 33636->33638 33640 7ff64729f4e6 33636->33640 33686 7ff64729fb1c 7 API calls 2 library calls 33638->33686 33641 7ff64729f50b 33640->33641 33647 7ff64729f528 __scrt_release_startup_lock 33640->33647 33663 7ff6472b2fa8 33640->33663 33642 7ff64729f60d BuildCatchObjectHelperInternal 33644 7ff64729f591 33669 7ff64729fc64 33644->33669 33646 7ff64729f596 33672 7ff647276b70 33646->33672 33647->33644 33684 7ff6472b2298 47 API calls __GSHandlerCheck_EH 33647->33684 33656 7ff64729f154 33655->33656 33657 7ff64729f160 __scrt_dllmain_crt_thread_attach 33656->33657 33658 7ff64729f169 33657->33658 33659 7ff64729f16d 33657->33659 33658->33635 33658->33636 33687 7ff6472b2df8 33659->33687 33664 7ff6472b2fad 33663->33664 33665 7ff6472b2fde 33663->33665 33664->33665 33704 7ff6472715e0 33664->33704 33707 7ff647271090 33664->33707 33724 7ff6472715c0 33664->33724 33665->33647 33670 7ff6472bd490 __scrt_get_show_window_mode 33669->33670 33671 7ff64729fc7b GetStartupInfoW 33670->33671 33671->33646 33673 7ff64729fab0 33672->33673 33674 7ff647276b88 CoInitializeEx 33673->33674 33895 7ff647276600 33674->33895 33676 7ff647276b9a RegOpenKeyExW 33677 7ff647276c24 RegCreateKeyExW 33676->33677 33678 7ff647276ca2 SHChangeNotify 33677->33678 33679 7ff647276cb5 33678->33679 33680 7ff64727ff00 81 API calls 33679->33680 33681 7ff647276d0e 33680->33681 33682 7ff6472904d0 70 API calls 33681->33682 33683 7ff647276d13 33682->33683 33684->33644 33685->33638 33686->33642 33688 7ff6472b7c28 33687->33688 33689 7ff64729f172 33688->33689 33692 7ff6472b4f50 33688->33692 33689->33658 33691 7ff6472a1730 7 API calls 2 library calls 33689->33691 33691->33658 33703 7ff6472b1d34 EnterCriticalSection 33692->33703 33727 7ff6472807a0 33704->33727 33708 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33707->33708 33712 7ff6472711f8 33708->33712 33709 7ff6472712c8 33710 7ff647272c40 49 API calls 33709->33710 33713 7ff6472712f9 33710->33713 33711 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33711->33712 33712->33709 33712->33711 33714 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33713->33714 33718 7ff64727133b 33714->33718 33715 7ff64727140c 33716 7ff647272c40 49 API calls 33715->33716 33719 7ff647271439 LoadLibraryW 33716->33719 33717 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33717->33718 33718->33715 33718->33717 33870 7ff6472aadc8 33719->33870 33723 7ff6472714c0 33723->33664 33873 7ff64727b5a0 33724->33873 33728 7ff647280836 __scrt_get_show_window_mode 33727->33728 33729 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33728->33729 33730 7ff64728089c 33729->33730 33731 7ff64729da10 85 API calls 33730->33731 33732 7ff6472808c0 33731->33732 33820 7ff6472974d0 33732->33820 33735 7ff6472719d0 57 API calls 33736 7ff6472808d3 33735->33736 33737 7ff647281011 33736->33737 33740 7ff6472719d0 57 API calls 33736->33740 33738 7ff647271810 2 API calls 33737->33738 33739 7ff64728101c 33738->33739 33742 7ff647271810 2 API calls 33739->33742 33741 7ff6472808f5 33740->33741 33741->33739 33745 7ff6472719d0 57 API calls 33741->33745 33743 7ff647281027 33742->33743 33744 7ff647271810 2 API calls 33743->33744 33746 7ff647281032 33744->33746 33747 7ff647280917 33745->33747 33748 7ff647271810 2 API calls 33746->33748 33747->33743 33751 7ff6472719d0 57 API calls 33747->33751 33749 7ff64728103d 33748->33749 33750 7ff647271810 2 API calls 33749->33750 33752 7ff647281048 33750->33752 33753 7ff647280939 33751->33753 33754 7ff647271810 2 API calls 33752->33754 33753->33746 33756 7ff6472719d0 57 API calls 33753->33756 33755 7ff647281053 33754->33755 33758 7ff647271810 2 API calls 33755->33758 33757 7ff64728095b 33756->33757 33757->33749 33761 7ff6472719d0 57 API calls 33757->33761 33759 7ff64728105e 33758->33759 33760 7ff647271810 2 API calls 33759->33760 33762 7ff647281069 33760->33762 33763 7ff64728097d 33761->33763 33764 7ff647271810 2 API calls 33762->33764 33763->33752 33767 7ff6472719d0 57 API calls 33763->33767 33765 7ff647281074 33764->33765 33766 7ff647271810 2 API calls 33765->33766 33768 7ff64728107f 33766->33768 33769 7ff64728099f 33767->33769 33770 7ff647271810 2 API calls 33768->33770 33769->33755 33772 7ff6472719d0 57 API calls 33769->33772 33771 7ff64728108a 33770->33771 33773 7ff647271810 2 API calls 33771->33773 33774 7ff6472809d3 33772->33774 33775 7ff647281095 33773->33775 33774->33759 33777 7ff6472719d0 57 API calls 33774->33777 33776 7ff647271810 2 API calls 33775->33776 33778 7ff6472810a0 33776->33778 33779 7ff6472809f5 33777->33779 33780 7ff647271810 2 API calls 33778->33780 33779->33762 33783 7ff6472719d0 57 API calls 33779->33783 33781 7ff6472810ab 33780->33781 33782 7ff647271810 2 API calls 33781->33782 33784 7ff6472810b6 33782->33784 33785 7ff647280a17 33783->33785 33786 7ff647294fb0 47 API calls 33784->33786 33785->33765 33788 7ff6472719d0 57 API calls 33785->33788 33787 7ff6472810d8 33786->33787 33789 7ff647280a39 33788->33789 33789->33768 33790 7ff6472719d0 57 API calls 33789->33790 33791 7ff647280a5b 33790->33791 33791->33771 33792 7ff6472719d0 57 API calls 33791->33792 33793 7ff647280a7d 33792->33793 33793->33775 33794 7ff6472719d0 57 API calls 33793->33794 33795 7ff647280a9f 33794->33795 33795->33778 33796 7ff6472719d0 57 API calls 33795->33796 33797 7ff647280ac1 33796->33797 33797->33781 33798 7ff6472719d0 57 API calls 33797->33798 33799 7ff647280ae3 33798->33799 33800 7ff647281007 33799->33800 33801 7ff647280aef 33799->33801 33802 7ff647271810 2 API calls 33800->33802 33803 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33801->33803 33802->33737 33804 7ff647280b16 33803->33804 33805 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33804->33805 33806 7ff647280b56 33805->33806 33807 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33806->33807 33808 7ff647280d6b 33807->33808 33809 7ff64729f38c std::_Throw_Cpp_error 61 API calls 33808->33809 33810 7ff647280dab 33809->33810 33811 7ff647280e82 GetSystemInfo 33810->33811 33812 7ff647271f60 2 API calls 33811->33812 33813 7ff647280eae 33812->33813 33840 7ff6472aa548 33813->33840 33816 7ff6472818a0 78 API calls 33817 7ff647280f78 CreateEventW CreateEventW CreateEventW 33816->33817 33818 7ff647290110 116 API calls 33817->33818 33819 7ff6472715e9 33818->33819 33821 7ff6472719d0 57 API calls 33820->33821 33822 7ff6472974fc 33821->33822 33832 7ff647297807 33822->33832 33849 7ff64729d580 33822->33849 33823 7ff647271810 2 API calls 33824 7ff647297812 33823->33824 33827 7ff6472719d0 57 API calls 33828 7ff647297540 33827->33828 33829 7ff64729754c 33828->33829 33830 7ff6472977fd 33828->33830 33833 7ff647297586 33829->33833 33861 7ff64727aab0 12 API calls 2 library calls 33829->33861 33831 7ff647271810 2 API calls 33830->33831 33831->33832 33832->33823 33836 7ff6472975ae 17 API calls 33833->33836 33837 7ff647297730 LoadLibraryW 33833->33837 33839 7ff6472808cd 33833->33839 33835 7ff647297578 33862 7ff64727aab0 12 API calls 2 library calls 33835->33862 33836->33839 33837->33839 33839->33735 33845 7ff6472aa565 33840->33845 33841 7ff6472aa56a 33842 7ff647280ed1 8 API calls 33841->33842 33867 7ff6472aa410 11 API calls _set_fmode 33841->33867 33842->33816 33844 7ff6472aa574 33868 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 33844->33868 33845->33841 33845->33842 33847 7ff6472aa5b6 33845->33847 33847->33842 33869 7ff6472aa410 11 API calls _set_fmode 33847->33869 33850 7ff64729d62e 33849->33850 33852 7ff64729d670 33849->33852 33850->33852 33863 7ff64727d120 61 API calls 4 library calls 33850->33863 33854 7ff64729d6b2 BuildCatchObjectHelperInternal 33852->33854 33864 7ff64729d8d0 61 API calls 4 library calls 33852->33864 33858 7ff64729d80f 33854->33858 33865 7ff64727d120 61 API calls 4 library calls 33854->33865 33856 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33857 7ff647297524 33856->33857 33857->33827 33858->33858 33859 7ff64729d864 BuildCatchObjectHelperInternal 33858->33859 33866 7ff64729d8d0 61 API calls 4 library calls 33858->33866 33859->33856 33861->33835 33862->33833 33863->33850 33864->33854 33865->33854 33866->33859 33867->33844 33868->33842 33869->33844 33871 7ff64727147d GetModuleHandleW 33870->33871 33872 7ff64727b540 50 API calls std::_Throw_Cpp_error 33871->33872 33872->33723 33874 7ff6472719d0 57 API calls 33873->33874 33875 7ff64727b5d0 33874->33875 33876 7ff64727b5dc 33875->33876 33877 7ff64727b6e2 33875->33877 33886 7ff64727ca00 RegCreateKeyExW 33876->33886 33878 7ff647271810 2 API calls 33877->33878 33879 7ff64727b6ec 33878->33879 33881 7ff64727b606 33882 7ff6472726e0 68 API calls 33881->33882 33883 7ff64727b6c5 33882->33883 33884 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33883->33884 33885 7ff6472715c9 33884->33885 33887 7ff64727ca5d RegQueryValueExW 33886->33887 33888 7ff64727caa5 33886->33888 33889 7ff64727caba RegCloseKey 33887->33889 33890 7ff64727ca9f RegCloseKey 33887->33890 33891 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33888->33891 33893 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33889->33893 33890->33888 33892 7ff64727cab4 33891->33892 33892->33881 33894 7ff64727cacf 33893->33894 33894->33881 33896 7ff647276669 33895->33896 33897 7ff647276691 33896->33897 33927 7ff64727aab0 12 API calls 2 library calls 33896->33927 33899 7ff6472766a5 OpenSCManagerW 33897->33899 33900 7ff64727683d std::_Throw_Cpp_error 33897->33900 33902 7ff6472766bd OpenServiceW 33899->33902 33903 7ff64727671f 33899->33903 33910 7ff6472768ae 33900->33910 33931 7ff6472aa30c 47 API calls 2 library calls 33900->33931 33901 7ff647276682 33928 7ff64727aab0 12 API calls 2 library calls 33901->33928 33906 7ff6472766db CloseServiceHandle 33902->33906 33907 7ff6472766e6 QueryServiceStatus CloseServiceHandle CloseServiceHandle 33902->33907 33903->33900 33929 7ff647296de0 21 API calls 2 library calls 33903->33929 33906->33903 33907->33903 33908 7ff64727672f 33930 7ff647296fc0 16 API calls std::_Throw_Cpp_error 33908->33930 33910->33676 33911 7ff647276734 OpenSCManagerW 33912 7ff64727674c OpenServiceW 33911->33912 33913 7ff6472767b9 LoadStringW 33911->33913 33914 7ff64727676a CloseServiceHandle 33912->33914 33915 7ff647276775 QueryServiceStatus CloseServiceHandle CloseServiceHandle 33912->33915 33916 7ff6472767da 33913->33916 33917 7ff647276824 MessageBoxW 33913->33917 33914->33913 33915->33913 33918 7ff6472767ae 33915->33918 33919 7ff6472767f6 GetModuleHandleW LoadStringW 33916->33919 33920 7ff6472767e2 LoadLibraryW 33916->33920 33917->33900 33918->33900 33918->33913 33919->33917 33922 7ff64727681f 33919->33922 33920->33919 33922->33917 33927->33901 33928->33897 33929->33908 33930->33911 33932 7ff6472b20c1 33944 7ff6472b1e14 33932->33944 33949 7ff6472b49f8 47 API calls 3 library calls 33944->33949 33946 7ff6472b1e1d 33950 7ff6472b1da4 47 API calls BuildCatchObjectHelperInternal 33946->33950 33949->33946 33951 7ff647291d80 33952 7ff647291dd0 CreateFileW 33951->33952 33953 7ff647291e07 GetLastError 33952->33953 33954 7ff647291e28 WriteFile 33952->33954 33955 7ff647291e16 Sleep 33953->33955 33956 7ff647291f0b 33953->33956 33957 7ff6472719d0 57 API calls 33954->33957 33955->33952 33955->33954 33958 7ff64729f650 std::_Throw_Cpp_error 8 API calls 33956->33958 33980 7ff647291e4f 33957->33980 33959 7ff647292381 33958->33959 33960 7ff647271810 2 API calls 33962 7ff6472923b1 33960->33962 33961 7ff647292336 FlushFileBuffers SetEndOfFile 33961->33956 33963 7ff64729234d FindCloseChangeNotification 33961->33963 33964 7ff647271810 2 API calls 33962->33964 33963->33956 33965 7ff6472923bc 33964->33965 33966 7ff647271810 2 API calls 33965->33966 33967 7ff6472923c7 33966->33967 33968 7ff647275660 49 API calls 33968->33980 33969 7ff6472719d0 57 API calls 33969->33980 33970 7ff64729239c 33971 7ff647271810 2 API calls 33970->33971 33972 7ff6472923a6 33971->33972 33972->33960 33973 7ff647272370 49 API calls 33973->33980 33974 7ff6472726e0 68 API calls 33974->33980 33975 7ff6472921db WriteFile 33978 7ff6472922a8 33975->33978 33975->33980 33976 7ff6472723e0 49 API calls 33976->33980 33977 7ff647272090 50 API calls 33977->33980 33978->33956 33981 7ff6472922ad CloseHandle 33978->33981 33979 7ff647292188 WriteFile 33979->33978 33979->33980 33980->33961 33980->33962 33980->33965 33980->33968 33980->33969 33980->33970 33980->33972 33980->33973 33980->33974 33980->33975 33980->33976 33980->33977 33980->33979 33981->33956 33982 7ff647299860 33983 7ff647299880 33982->33983 34017 7ff64727eaa0 33983->34017 33986 7ff6472719d0 57 API calls 33987 7ff6472998a4 33986->33987 33988 7ff647299b5a 33987->33988 33990 7ff6472998c8 __scrt_get_show_window_mode 33987->33990 33993 7ff647299951 33987->33993 33989 7ff647271810 2 API calls 33988->33989 33992 7ff647299b65 33989->33992 33991 7ff6472998d9 GetModuleHandleW GetModuleFileNameW 33990->33991 33994 7ff6472998fc 33991->33994 33995 7ff6472723e0 49 API calls 33993->33995 33994->33993 33998 7ff647299978 33995->33998 33996 7ff647299b4f 33997 7ff647271810 2 API calls 33996->33997 33997->33988 33998->33996 33999 7ff647272370 49 API calls 33998->33999 34000 7ff6472999ca 33998->34000 33999->34000 34000->33996 34000->34000 34001 7ff647299a08 GetFileAttributesW 34000->34001 34002 7ff647299a1f 34001->34002 34003 7ff647299ae6 34001->34003 34004 7ff6472719d0 57 API calls 34002->34004 34006 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34003->34006 34005 7ff647299a60 34004->34005 34007 7ff647299b45 34005->34007 34008 7ff647299a6c 34005->34008 34009 7ff647299b2d 34006->34009 34010 7ff647271810 2 API calls 34007->34010 34011 7ff647299a8d 34008->34011 34012 7ff647299a9c 34008->34012 34010->33996 34227 7ff6472721f0 56 API calls 6 library calls 34011->34227 34015 7ff6472723e0 49 API calls 34012->34015 34014 7ff647299a9a 34060 7ff64727d820 34014->34060 34015->34014 34018 7ff64727eae5 34017->34018 34019 7ff64727eace 34017->34019 34021 7ff6472719d0 57 API calls 34018->34021 34033 7ff64727eaf5 34018->34033 34228 7ff64727aab0 12 API calls 2 library calls 34019->34228 34023 7ff64727eb01 34021->34023 34022 7ff64727ead5 34229 7ff64727aab0 12 API calls 2 library calls 34022->34229 34026 7ff64727eb0d 34023->34026 34027 7ff64727ee2a 34023->34027 34024 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34028 7ff64727ebc7 34024->34028 34030 7ff64727eb3b 34026->34030 34230 7ff64727aab0 12 API calls 2 library calls 34026->34230 34029 7ff647271810 2 API calls 34027->34029 34028->33986 34040 7ff64727ee34 34029->34040 34032 7ff64727eb4b CoInitializeEx CoCreateInstance 34030->34032 34030->34033 34035 7ff64727ebdc VariantInit VariantInit VariantInit VariantInit 34032->34035 34036 7ff64727eb82 34032->34036 34033->34024 34034 7ff64727eb2b 34231 7ff64727aab0 12 API calls 2 library calls 34034->34231 34039 7ff64727ecb3 VariantClear VariantClear VariantClear VariantClear 34035->34039 34038 7ff6472726e0 68 API calls 34036->34038 34038->34033 34041 7ff64727ece7 34039->34041 34042 7ff64727ed0f 34039->34042 34044 7ff6472726e0 68 API calls 34041->34044 34043 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34042->34043 34045 7ff64727ed1d 34043->34045 34046 7ff64727ecfa CoUninitialize 34044->34046 34047 7ff64727ed2a SysAllocString 34045->34047 34049 7ff64727ed5a 34045->34049 34046->34033 34047->34040 34047->34049 34049->34040 34232 7ff64727d7a0 34049->34232 34051 7ff64727ed8a 34051->34046 34052 7ff64727ed92 34051->34052 34053 7ff64727ee09 CoUninitialize 34052->34053 34054 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34052->34054 34053->34033 34055 7ff64727eda6 34054->34055 34056 7ff64727edb3 SysAllocString 34055->34056 34058 7ff64727eddf 34055->34058 34056->34040 34056->34058 34058->34040 34059 7ff64727d7a0 SysFreeString 34058->34059 34059->34053 34061 7ff6472719d0 57 API calls 34060->34061 34064 7ff64727d85d 34061->34064 34062 7ff647271810 2 API calls 34063 7ff64727ea6f 34062->34063 34066 7ff647271810 2 API calls 34063->34066 34065 7ff64727d8a1 34064->34065 34137 7ff64727ea38 34064->34137 34251 7ff64727aab0 12 API calls 2 library calls 34064->34251 34068 7ff64727d8bc CoInitializeEx 34065->34068 34225 7ff64727df49 34065->34225 34069 7ff64727ea7a 34066->34069 34071 7ff64727d8ec CoCreateInstance 34068->34071 34072 7ff64727d8cf 34068->34072 34080 7ff647271810 2 API calls 34069->34080 34070 7ff64727d891 34252 7ff64727aab0 12 API calls 2 library calls 34070->34252 34073 7ff64727d9f7 VariantInit VariantInit VariantInit VariantInit 34071->34073 34074 7ff64727d927 LoadStringW 34071->34074 34253 7ff64727aab0 12 API calls 2 library calls 34072->34253 34086 7ff64727daf3 VariantClear VariantClear VariantClear VariantClear 34073->34086 34078 7ff64727d99d 34074->34078 34079 7ff64727d94d 34074->34079 34077 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34082 7ff64727e0bb 34077->34082 34085 7ff6472726e0 68 API calls 34078->34085 34083 7ff64727d96a GetModuleHandleW LoadStringW 34079->34083 34084 7ff64727d956 LoadLibraryW 34079->34084 34104 7ff64727ea85 34080->34104 34081 7ff64727d8d6 34254 7ff64727aab0 12 API calls 2 library calls 34081->34254 34082->34003 34083->34078 34091 7ff64727d995 34083->34091 34084->34083 34092 7ff64727d9ba 34085->34092 34088 7ff64727dbfa 34086->34088 34089 7ff64727db28 LoadStringW 34086->34089 34095 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34088->34095 34093 7ff64727db9d 34089->34093 34094 7ff64727db4e 34089->34094 34090 7ff64727d8e5 34090->34071 34091->34078 34102 7ff64727d9d6 MessageBoxW 34092->34102 34092->34225 34098 7ff6472726e0 68 API calls 34093->34098 34096 7ff64727db6a GetModuleHandleW LoadStringW 34094->34096 34097 7ff64727db56 LoadLibraryW 34094->34097 34099 7ff64727dc0b 34095->34099 34096->34093 34100 7ff64727db95 34096->34100 34097->34096 34101 7ff64727dbba 34098->34101 34103 7ff64727dc18 SysAllocString 34099->34103 34107 7ff64727dc48 34099->34107 34100->34093 34105 7ff64727dbd2 MessageBoxW 34101->34105 34106 7ff64727dbee CoUninitialize 34101->34106 34102->34225 34103->34107 34123 7ff64727e9e7 34103->34123 34105->34106 34106->34225 34108 7ff64727d7a0 SysFreeString 34107->34108 34107->34137 34109 7ff64727dc7e 34108->34109 34111 7ff64727dd5c 34109->34111 34112 7ff64727dc86 34109->34112 34113 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34111->34113 34112->34106 34116 7ff64727dca2 LoadStringW 34112->34116 34114 7ff64727dd66 34113->34114 34115 7ff64727dd73 SysAllocString 34114->34115 34125 7ff64727dda3 34114->34125 34115->34123 34115->34125 34117 7ff64727dcc8 34116->34117 34118 7ff64727dd17 34116->34118 34120 7ff64727dce4 GetModuleHandleW LoadStringW 34117->34120 34121 7ff64727dcd0 LoadLibraryW 34117->34121 34119 7ff6472726e0 68 API calls 34118->34119 34122 7ff64727dd34 MessageBoxW 34119->34122 34120->34118 34124 7ff64727dd0f 34120->34124 34121->34120 34122->34106 34259 7ff6472aa410 11 API calls _set_fmode 34123->34259 34124->34118 34128 7ff64727d7a0 SysFreeString 34125->34128 34125->34137 34127 7ff64727ea23 34260 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 34127->34260 34130 7ff64727ddd2 34128->34130 34132 7ff64727ded7 34130->34132 34133 7ff64727de06 34130->34133 34131 7ff647271810 2 API calls 34131->34137 34141 7ff64727def8 34132->34141 34147 7ff64727df68 34132->34147 34133->34106 34134 7ff64727de22 LoadStringW 34133->34134 34135 7ff64727de99 34134->34135 34136 7ff64727de49 34134->34136 34140 7ff6472726e0 68 API calls 34135->34140 34138 7ff64727de65 GetModuleHandleW LoadStringW 34136->34138 34139 7ff64727de51 LoadLibraryW 34136->34139 34137->34062 34138->34135 34142 7ff64727de91 34138->34142 34139->34138 34143 7ff64727deaf MessageBoxW 34140->34143 34144 7ff6472726e0 68 API calls 34141->34144 34141->34225 34142->34135 34143->34106 34145 7ff64727df2d MessageBoxW 34144->34145 34145->34225 34146 7ff6472726e0 68 API calls 34150 7ff64727e048 MessageBoxW 34146->34150 34148 7ff64727e0d7 34147->34148 34149 7ff64727df8f 34147->34149 34151 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34148->34151 34149->34106 34149->34146 34150->34106 34152 7ff64727e0e1 34151->34152 34153 7ff64727e0ee SysAllocString 34152->34153 34154 7ff64727e11e 34152->34154 34153->34123 34153->34154 34154->34137 34155 7ff64727d7a0 SysFreeString 34154->34155 34157 7ff64727e14d 34155->34157 34156 7ff6472726e0 68 API calls 34156->34157 34157->34106 34157->34156 34158 7ff64727e29e 34157->34158 34159 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34158->34159 34160 7ff64727e2e8 34159->34160 34161 7ff64727e2f5 SysAllocString 34160->34161 34162 7ff64727e325 34160->34162 34161->34123 34161->34162 34162->34137 34163 7ff64727d7a0 SysFreeString 34162->34163 34164 7ff64727e352 34163->34164 34165 7ff6472726e0 68 API calls 34164->34165 34168 7ff64727e3a7 34164->34168 34166 7ff64727e373 34165->34166 34167 7ff64727e38b MessageBoxW 34166->34167 34166->34168 34167->34168 34169 7ff6472719d0 57 API calls 34168->34169 34170 7ff64727e47b 34169->34170 34170->34063 34171 7ff64727e4b8 34170->34171 34172 7ff64727e4a6 34170->34172 34173 7ff6472723e0 49 API calls 34171->34173 34255 7ff6472721f0 56 API calls 6 library calls 34172->34255 34175 7ff64727e4b6 34173->34175 34176 7ff6472719d0 57 API calls 34175->34176 34177 7ff64727e4e5 34176->34177 34177->34069 34178 7ff64727e510 34177->34178 34180 7ff64727e521 34177->34180 34256 7ff6472721f0 56 API calls 6 library calls 34178->34256 34180->34180 34181 7ff6472723e0 49 API calls 34180->34181 34187 7ff64727e51f 34181->34187 34182 7ff64727e63d 34184 7ff647275660 49 API calls 34182->34184 34183 7ff6472726e0 68 API calls 34183->34182 34185 7ff64727e649 34184->34185 34186 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34185->34186 34188 7ff64727e653 34186->34188 34189 7ff64727e5a7 34187->34189 34191 7ff647272370 49 API calls 34187->34191 34193 7ff64727e5f3 BuildCatchObjectHelperInternal 34187->34193 34201 7ff64727e5ee 34187->34201 34190 7ff64727e660 SysAllocString 34188->34190 34192 7ff64727e68f 34188->34192 34189->34123 34189->34193 34194 7ff64727e5de 34189->34194 34190->34192 34191->34189 34192->34123 34192->34137 34196 7ff64727d7a0 SysFreeString 34192->34196 34193->34182 34193->34183 34193->34201 34257 7ff6472aa410 11 API calls _set_fmode 34194->34257 34198 7ff64727e6c7 34196->34198 34197 7ff64727e5e3 34258 7ff6472aa2ec 47 API calls _invalid_parameter_noinfo 34197->34258 34200 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34198->34200 34202 7ff64727e6d1 34200->34202 34201->34131 34203 7ff64727e6e5 SysAllocString 34202->34203 34204 7ff64727e70d 34202->34204 34203->34204 34204->34123 34204->34137 34205 7ff64727e729 34204->34205 34206 7ff64727d7a0 SysFreeString 34205->34206 34207 7ff64727e744 34206->34207 34208 7ff64727e755 34207->34208 34209 7ff64727e764 SysAllocString 34207->34209 34211 7ff6472726e0 68 API calls 34208->34211 34209->34104 34210 7ff64727e78e VariantInit 34209->34210 34236 7ff64729ff20 34210->34236 34213 7ff64727e919 34211->34213 34217 7ff64727e94d CoUninitialize 34213->34217 34218 7ff64727e931 MessageBoxW 34213->34218 34214 7ff64727e7ce 34215 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34214->34215 34216 7ff64727e823 34215->34216 34219 7ff64727e830 SysAllocString 34216->34219 34220 7ff64727e860 34216->34220 34217->34225 34218->34217 34219->34137 34219->34220 34220->34104 34222 7ff64727d7a0 SysFreeString 34220->34222 34223 7ff64727e8d7 VariantClear VariantClear VariantClear 34222->34223 34223->34208 34225->34077 34227->34014 34228->34022 34229->34018 34230->34034 34231->34030 34233 7ff64727d7b5 34232->34233 34234 7ff64727d7d9 34232->34234 34233->34234 34235 7ff64727d7cc SysFreeString 34233->34235 34234->34051 34235->34234 34237 7ff64729ff6f 34236->34237 34238 7ff64729ff50 34236->34238 34241 7ff64729ff8f MultiByteToWideChar 34237->34241 34243 7ff6472a0048 __std_exception_destroy 34237->34243 34239 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34238->34239 34240 7ff64729ff5e 34239->34240 34240->34214 34242 7ff6472a0073 GetLastError 34241->34242 34244 7ff64729ffbc 34241->34244 34246 7ff6472a007d __std_exception_destroy 34242->34246 34243->34242 34249 7ff6472a0055 34243->34249 34244->34243 34247 7ff6472a0015 MultiByteToWideChar 34244->34247 34245 7ff6472a009e GetLastError 34250 7ff6472a00a8 34245->34250 34246->34245 34247->34246 34248 7ff6472a0033 SysAllocString 34247->34248 34248->34243 34249->34214 34250->34214 34251->34070 34252->34065 34253->34081 34254->34090 34255->34175 34256->34187 34257->34197 34258->34201 34259->34127 34260->34201 34261 7ff647275c40 34262 7ff6472719d0 57 API calls 34261->34262 34263 7ff647275c63 34262->34263 34264 7ff647275e39 34263->34264 34267 7ff647275c6f 34263->34267 34265 7ff647271810 2 API calls 34264->34265 34266 7ff647275e43 34265->34266 34268 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34267->34268 34269 7ff647275cce 34268->34269 34270 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34269->34270 34271 7ff647275ce8 34270->34271 34272 7ff647278310 77 API calls 34271->34272 34273 7ff647275d02 34272->34273 34279 7ff647272c70 34273->34279 34276 7ff647278310 77 API calls 34277 7ff647275d2d 34276->34277 34278 7ff647275df6 CreateEventW CreateEventW 34277->34278 34280 7ff647272ca1 __scrt_get_show_window_mode 34279->34280 34281 7ff647272e83 34280->34281 34283 7ff6472719d0 57 API calls 34280->34283 34282 7ff647273910 49 API calls 34281->34282 34284 7ff647272e8e 34282->34284 34288 7ff647272cb6 34283->34288 34284->34276 34285 7ff647272eb8 34286 7ff647271810 2 API calls 34285->34286 34287 7ff647272ec3 34286->34287 34288->34285 34289 7ff647272e2b 34288->34289 34290 7ff6472aa548 47 API calls 34288->34290 34305 7ff647272ed0 34289->34305 34291 7ff647272d11 34290->34291 34291->34289 34294 7ff647272d37 34291->34294 34293 7ff647272e5c GetFileAttributesW 34295 7ff647272e6a SHCreateDirectoryExW 34293->34295 34296 7ff647272e78 34293->34296 34298 7ff6472723e0 49 API calls 34294->34298 34295->34296 34297 7ff647273910 49 API calls 34296->34297 34297->34281 34301 7ff647272d58 34298->34301 34299 7ff647272eae 34302 7ff647271810 2 API calls 34299->34302 34300 7ff647272dea 34300->34299 34303 7ff647272dff 34300->34303 34301->34293 34301->34299 34301->34300 34301->34303 34304 7ff647272370 49 API calls 34301->34304 34302->34285 34303->34293 34303->34303 34304->34300 34306 7ff647272f06 __scrt_get_show_window_mode 34305->34306 34307 7ff64727b6f0 20 API calls 34306->34307 34308 7ff647272f0b SHGetSpecialFolderPathW 34307->34308 34309 7ff647272f3a 34308->34309 34311 7ff6472730b0 34308->34311 34310 7ff6472723e0 49 API calls 34309->34310 34315 7ff647272f68 34310->34315 34312 7ff6472730a7 34311->34312 34313 7ff647271810 2 API calls 34311->34313 34312->34303 34314 7ff647273134 34313->34314 34315->34311 34316 7ff647272370 49 API calls 34315->34316 34318 7ff647272fbd 34315->34318 34316->34318 34317 7ff64727304d 34317->34311 34320 7ff647273061 34317->34320 34318->34311 34318->34317 34319 7ff647272370 49 API calls 34318->34319 34318->34320 34319->34317 34321 7ff64727308b GetFileAttributesW 34320->34321 34321->34312 34322 7ff647273099 SHCreateDirectoryExW 34321->34322 34322->34312 34323 7ff647276900 RegCreateKeyExW 34324 7ff647276957 RegSetValueExW 34323->34324 34325 7ff647276990 34323->34325 34326 7ff64727698a RegCloseKey 34324->34326 34327 7ff647276b30 RegCloseKey 34324->34327 34328 7ff647276993 RegCreateKeyExW 34325->34328 34326->34325 34327->34328 34329 7ff6472769d6 RegSetValueExW 34328->34329 34330 7ff647276a0f 34328->34330 34331 7ff647276a09 RegCloseKey 34329->34331 34332 7ff647276b3e RegCloseKey 34329->34332 34333 7ff647276a11 RegCreateKeyExW 34330->34333 34331->34330 34332->34333 34334 7ff647276a99 34333->34334 34335 7ff647276a57 RegSetValueExW 34333->34335 34336 7ff647276a9b RegCreateKeyExW 34334->34336 34337 7ff647276b4b RegCloseKey 34335->34337 34338 7ff647276a93 RegCloseKey 34335->34338 34339 7ff647276b1c 34336->34339 34340 7ff647276ade RegSetValueExW 34336->34340 34337->34336 34338->34334 34341 7ff647276b56 RegCloseKey 34340->34341 34342 7ff647276b16 RegCloseKey 34340->34342 34342->34339 34343 7ff64727ee60 34344 7ff64727eeb5 34343->34344 34345 7ff64727ee9e 34343->34345 34347 7ff64727f01c 34344->34347 34348 7ff64727eec9 CoInitializeEx CoCreateInstance 34344->34348 34373 7ff64727aab0 12 API calls 2 library calls 34345->34373 34352 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34347->34352 34350 7ff64727ef0a VariantInit VariantInit VariantInit VariantInit 34348->34350 34351 7ff64727f016 CoUninitialize 34348->34351 34349 7ff64727eea5 34374 7ff64727aab0 12 API calls 2 library calls 34349->34374 34354 7ff64727efda VariantClear VariantClear VariantClear VariantClear 34350->34354 34351->34347 34355 7ff64727f02d 34352->34355 34356 7ff64727f00c 34354->34356 34357 7ff64727f049 34354->34357 34356->34351 34358 7ff64729f38c std::_Throw_Cpp_error 61 API calls 34357->34358 34359 7ff64727f057 34358->34359 34360 7ff64727f063 SysAllocString 34359->34360 34362 7ff64727f090 34359->34362 34361 7ff64727f26d 34360->34361 34360->34362 34362->34361 34363 7ff64727d7a0 SysFreeString 34362->34363 34364 7ff64727f0be 34363->34364 34364->34351 34370 7ff64727f0f8 34364->34370 34365 7ff64727f16c VariantClear 34365->34370 34366 7ff64727f22a SysFreeString 34368 7ff64727f256 CoUninitialize 34366->34368 34368->34347 34369 7ff6472a8dac 53 API calls 34369->34370 34370->34365 34370->34366 34370->34369 34372 7ff64727f20a SysFreeString 34370->34372 34372->34370 34373->34349 34374->34344 34375 7ff6472796a0 RegCreateKeyExW 34376 7ff64727973b 34375->34376 34377 7ff647279705 RegDeleteValueW 34375->34377 34380 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34376->34380 34378 7ff64727971b 34377->34378 34379 7ff647279730 RegCloseKey 34377->34379 34378->34379 34379->34376 34381 7ff64727974b 34380->34381 34382 7ff64727d3a0 RegOpenKeyExW 34383 7ff64727d3ed RegQueryValueExW 34382->34383 34384 7ff64727d431 34382->34384 34385 7ff64727d44b RegCloseKey 34383->34385 34386 7ff64727d42b RegCloseKey 34383->34386 34387 7ff64729f650 std::_Throw_Cpp_error 8 API calls 34384->34387 34385->34384 34386->34384 34388 7ff64727d440 34387->34388

                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                            Function 00007FF64728256A Relevance: 328.4, APIs: 19, Strings: 166, Instructions: 4673sleepCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472749A0: GetUserDefaultUILanguage.KERNEL32 ref: 00007FF6472749A6
                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32(00000277D9010000,?,?,00000000,?,00007FF647289854), ref: 00007FF647282576
                                                                                                                                                                                                                              • Part of subcall function 00007FF647282430: RegOpenKeyExW.KERNELBASE ref: 00007FF64728246C
                                                                                                                                                                                                                              • Part of subcall function 00007FF647282430: RegQueryValueExW.KERNELBASE ref: 00007FF6472824AE
                                                                                                                                                                                                                              • Part of subcall function 00007FF647282430: RegCloseKey.KERNELBASE ref: 00007FF6472824BD
                                                                                                                                                                                                                              • Part of subcall function 00007FF647293590: CreateFileW.KERNEL32 ref: 00007FF64729362F
                                                                                                                                                                                                                            • Sleep.KERNEL32 ref: 00007FF64728259E
                                                                                                                                                                                                                              • Part of subcall function 00007FF647275660: _invalid_parameter_noinfo.LIBCMT ref: 00007FF64727574F
                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647283FD8
                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF6472840BC
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729ED68: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,00007FF64729044F), ref: 00007FF64729ED7A
                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647284890
                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647284965
                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF6472849E1
                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647284AD0
                                                                                                                                                                                                                              • Part of subcall function 00007FF647273220: std::_Throw_Cpp_error.LIBCPMT ref: 00007FF647273261
                                                                                                                                                                                                                              • Part of subcall function 00007FF647273220: std::_Throw_Cpp_error.LIBCPMT ref: 00007FF64727326C
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727BA20: MultiByteToWideChar.KERNEL32 ref: 00007FF64727BA61
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727BA20: MultiByteToWideChar.KERNEL32 ref: 00007FF64727BAA6
                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647286970
                                                                                                                                                                                                                              • Part of subcall function 00007FF647272370: _invalid_parameter_noinfo.LIBCMT ref: 00007FF647272691
                                                                                                                                                                                                                              • Part of subcall function 00007FF647273B50: _invalid_parameter_noinfo.LIBCMT ref: 00007FF647273C23
                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32(?,?,00000000,?,00007FF647289854), ref: 00007FF647286DC9
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729ED60: GetCurrentThreadId.KERNEL32 ref: 00007FF64729EDB1
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729ED60: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00007FF64729014E), ref: 00007FF64729EDD0
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF647289553
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF647289579
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF64728959F
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472895C5
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472895F8
                                                                                                                                                                                                                            • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF647289638
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CriticalSection$_invalid_parameter_noinfo$Enter$Leave$Cpp_errorThrow_std::_$ByteCharExclusiveLockMultiWide$AcquireCloseCreateCurrentDefaultFileHeapLanguageOpenProcessQueryReleaseSleepThreadUserValue
                                                                                                                                                                                                                            • String ID: %d/$%s,%d$%s;%1.2f;%u;%u;%u$%s;%d;%d;%1.2f;%d;%c$,%d$0x%x$Administration$Advanced$AdvancedRules$AllowedProcesses$ApplyInstanceCountLimitsToAllUsers$AutomaticUpdate$BalloonTipDuration$BoostForegroundProcess$BoostOnlyNormal$CPULimitRules$CPUSets$ChangeTrayIconOnRestraint$ClearLogAtExit$ClearStandbyFreeRAMThresholdMB$ClearStandbyOnlyInPerfMode$ConfigPasswordMD5$DefaultAffinitiesEx$DefaultIOPriorities$DefaultMemoryPriorities$DefaultPriorities$DefaultsLevel$DisableProBalanceIfSysIdleThisManyMS$DisableProBalanceWhenSysIdle$DisableThreadPriorityBoost$DisallowedProcesses$DivideCPUPercentThresholdsBySystemCPUCount$DoNotAdjustAffinityIfCustomized$DoNotLowerPriorityClass$ERROR$EfficiencyMode$EnableSystemTrayNotification$ExcludeChildrenOfForeground$ExcludeForegroundProcesses2$ExcludeServices$ExitOnCloseWindow$ForcedMode$ForegroundBoostExclusions$ForegroundBoostPriorityClass$ForegroundBoosting$GUI$GracefulWaitTimeInMs$GraphShowTooltips$IgnoreProblematicProcesses$IgnoreSuspendedProcesses$IncludeCommandLines$InstanceLimitedProcesses$InstanceManagedCPUAffinities$IsConfigWritable$KeepRunningProcesses$LogCPULimiter$LogCPUSets$LogDefaultAffinityAdjustments$LogDefaultPriorityAdjustments$LogDisable$LogEfficiencyMode$LogGroupExtender$LogInstanceLimitTerminations$LogPowerProfileChanges$LogProBalanceBegin$LogProBalanceEnd$LogProBalanceParkingChanges$LogProcessExecutions$LogProcessTerminations$LogProcessesDisallowed$LogSmartTrim$Logging$LowerIOPriorityDuringRestraint$LowerToIdleInsteadOfBelowNormal$ManageOnlyCurrentUser$MatchExclusionsByPathnameToo$MatchOnCommandLine$MatchWildcardsToPathnames$MaximumTimeOfRestraint$MemoryManagement$MinimumProcessWSSInMb$MinimumTimeOfRestraint$NamedAffinities$OneTimeProcessThrottles$OocDisableCoreParkingWhileIn$OocExclusions$OocHardCodedExclusionOverrides$OocOn$OutOfControlProcessRestraint$P$P$PerProcessUsageBeforeRestraint$PerProcessUsageForRestore$Performance$PlayOnRestore$PlayOnRestraint$PlaySoundOnRestore$PlaySoundOnRestraint$ProBalanceCountersOnGraph$ProBalanceDropOneRandomCore$ProcessAllowances$ProcessDefaults$ProcessThrottles$ProcessorGroupExtended$RestrainByAffinity$RestraintAffinity$Sampling$SamplingEnabled$SamplingExcludePattern$SamplingIncludePattern$SamplingIntervalSeconds$SamplingOutputPath$SetTimerResolutionAtStartup$ShowBalloonsForOocPriorityRestoration$ShowCPUCoreUtilGraphs$ShowCPUUtilityAsPrimary$ShowGraphCPU$ShowGraphLegend$ShowGraphLicenseName$ShowGraphMemoryLoad$ShowGraphProBalanceEvents$ShowGraphResponsiveness$ShowGraphSelectedProcessesCPUHistory$ShowPowerProfile$ShowProcessIcons$ShowResponsivnessInTrayInsteadOfProcessorUsage$SmartTrimAutoMinimumRAMLoad$SmartTrimClearFileCache$SmartTrimClearStandbyList$SmartTrimExclusions$SmartTrimIntervalMins$SmartTrimIsEnabled$SmartTrimWorkingSetTrims$Software\ProcessLasso$SoundsOff$SysTrayBalloons$SystemTrayIcon$TameOnlyNormal$TimeOverQuotaBeforeRestraint$TotalProcessorUsageBeforeRestraint$UpdateSpeedCore$UpdateSpeedGUI$UseEfficiencyMode$UseStaticIcon$Version$false$true$"$"$&$2$6$<$B$H$R$^$b$k$n$o$r$x$~$$
                                                                                                                                                                                                                            • API String ID: 4041704673-1349866199
                                                                                                                                                                                                                            • Opcode ID: 2756422410672d3529f7b9b45448f00bfc744ebad606366dda9b8b24c11b5bc8
                                                                                                                                                                                                                            • Instruction ID: e94b7dbfdd4008e9a9ac2c47f7e2b6018e88829637818d3469097e8da0ed3f62
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2756422410672d3529f7b9b45448f00bfc744ebad606366dda9b8b24c11b5bc8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E9B35E72A0DA82DAEB20BF24DA402EA33A5FF44758F444636E64D977A9DF3CD645C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647276BCA Relevance: 293.4, APIs: 90, Strings: 77, Instructions: 1190registryfilesynchronizationCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$Value$Open$DeleteQuery$File$Handle$Module$CreateLoad$AttributesEventNameString$ChangeCopyLibraryMutexNotifyObjectReleaseSingleTerminateThreadWaitWrite
                                                                                                                                                                                                                            • String ID: %s\%s$%s\processlasso.exe$.Replacement$.docs_fmt0$.logtype9$ActionLogColumnOrders2$ActionLogColumnSizes2$ActiveProfile$AddedSessionAgentTask-0$AddedToSystemPath$AlreadyAddedSessionAgentTask$AlreadyAddedToSystemPath$BHPReinitDone$BitsumUserAgent.exe$ColorScheme$ColorScheme8$ColorScheme9$DarkMenubar$DarkStatusbarEnabled$ForegroundBoostPriorityClass$GvrServicePassword$GvrServiceUser$IconSetNumber$InstalledSessionAgent$LogDisabled$LogViewerCols$LogViewerColsFilter$MaxCSVLogFileSize$ProBalanceToday$Process Lasso$Process Lasso Core Engine Only$Process Lasso Management Console (GUI)$ProcessLasso$Session agent for Process Lasso$SetTimerResolutionAtStartup$Software\Bitsum\Language$Software\Process Lasso$Software\ProcessLasso$Software\ProcessLassoServerBitsum$Software\ProcessLasso\Counters\Dates$Software\ProcessLasso\listview_orders$Software\ProcessLasso\listview_sizes$UpdateCheckInterval$\$\$\QuickUpgrade.exe$action_log_column_orders$action_log_column_widths$active_column_order$active_column_sort_info$active_column_widths$autoupdated$bcleaner.exe$bitsumms.exe$fx1$fx2$highest-rights-marker$installhelper.exe.manifest$lassoinsights.exe$pkctrl.exe$pl_rsrc_dutch.dll$pl_rsrc_hungarian.dll$pl_rsrc_indonesian.dll$pl_rsrc_serbian.dll$pl_rsrc_serbian_latin.dll$pl_rsrc_temp.dll$pllogtocsv.exe$process_listview_column_order06070003$process_listview_column_widths06070003$processgovernor.exe.manifest$processgovernor.exe.manifest.highestavailablerights$processgovernor.exe.manifest.normal$processlasso.chm$processlasso.exe.manifest$processlasso.exe.manifest.highestavailablerights$processlasso.exe.manifest.normal$slv
                                                                                                                                                                                                                            • API String ID: 3983166623-2033734318
                                                                                                                                                                                                                            • Opcode ID: b5def5128def45a764ecd85371277e3e1dda4f1186decebac0729c7eb38ba729
                                                                                                                                                                                                                            • Instruction ID: 430673198ea4ed443f392398c4f96dbe66359700ba7fe352f95f3a7df7b19a2e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5def5128def45a764ecd85371277e3e1dda4f1186decebac0729c7eb38ba729
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 62D22E76A0CB82D9EB20BF25DA446EA33A4FB54795F404136DA5D97BA8DF3CD248C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727D820 Relevance: 128.8, APIs: 51, Strings: 22, Instructions: 1060windowlibrarymemoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: LoadString$Variant$Message$AllocClearHandleInitLibraryModule$ConditionMask$CreateHeapInfoInitializeInstanceProcessUninitializeVerifyVersion
                                                                                                                                                                                                                            • String ID: "%s"$Bitsum LLC$CTaskScheduler error: %xEFFECT: Can not set %s to start at login with elevated rights!$Can not set path of exe: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot create action: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot create trigger: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get identification pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get principal pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get setting info pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get settings pointer: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get task collection ptr: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot get triggers interface: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot put identification info: %xEFFECT: Can not set %s to start at login with elevated rights!$Cannot put principal run level: %xEFFECT: Can not set %s to start at login with elevated rights!$Error saving task: %xEFFECT: Can not set %s to start at login with elevated rights!$PT0S$QueryInterface call failed for IExecAction: %xEFFECT: Can not set %s to start at login with elevated rights!$QueryInterface call failed for ILogonTrigger:: %xEFFECT: Can not set %s to start at login with elevated rights!$S-1-5-32-545$Session agent for Process Lasso$Trigger1$ass
                                                                                                                                                                                                                            • API String ID: 2026749160-631905513
                                                                                                                                                                                                                            • Opcode ID: 2b704c1137433354d961c833202fe3b65b68d337eed30acf7bcf6e9a063d44c4
                                                                                                                                                                                                                            • Instruction ID: eddb5fbd05b2d99b592cdc8311c31a284af042e94f0e20f5c6b353cab7402799
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2b704c1137433354d961c833202fe3b65b68d337eed30acf7bcf6e9a063d44c4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82B24E72A0CB82C9EB61BF35DA502EA63A0FF58B89F444136CA0D9B655EF3CE545C350
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472974D0 Relevance: 64.9, APIs: 18, Strings: 19, Instructions: 176libraryloaderCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2211 7ff6472974d0-7ff647297502 call 7ff6472719d0 2214 7ff647297808-7ff647297812 call 7ff647271810 2211->2214 2215 7ff647297508-7ff647297546 call 7ff64729d580 call 7ff6472719d0 2211->2215 2223 7ff64729754c-7ff64729756f 2215->2223 2224 7ff6472977fd-7ff647297807 call 7ff647271810 2215->2224 2228 7ff647297571-7ff647297586 call 7ff64727aab0 * 2 2223->2228 2229 7ff64729758d-7ff647297594 2223->2229 2224->2214 2228->2229 2230 7ff64729759a-7ff6472975a8 2229->2230 2231 7ff6472977eb 2229->2231 2234 7ff6472975ae-7ff64729772e LoadLibraryW GetProcAddress * 16 2230->2234 2235 7ff647297730 LoadLibraryW 2230->2235 2236 7ff6472977ef-7ff6472977fc 2231->2236 2238 7ff647297736-7ff64729773e 2234->2238 2235->2238 2240 7ff647297744-7ff64729774c 2238->2240 2241 7ff6472977e5-7ff6472977e9 2238->2241 2240->2241 2242 7ff647297752-7ff64729775a 2240->2242 2241->2236 2242->2241 2243 7ff647297760-7ff647297768 2242->2243 2243->2241 2244 7ff64729776a-7ff647297772 2243->2244 2244->2241 2245 7ff647297774-7ff64729777c 2244->2245 2245->2241 2246 7ff64729777e-7ff647297786 2245->2246 2246->2241 2247 7ff647297788-7ff647297790 2246->2247 2247->2241 2248 7ff647297792-7ff64729779a 2247->2248 2248->2241 2249 7ff64729779c-7ff6472977a4 2248->2249 2249->2241 2250 7ff6472977a6-7ff6472977ae 2249->2250 2250->2241 2251 7ff6472977b0-7ff6472977b8 2250->2251 2251->2241 2252 7ff6472977ba-7ff6472977c2 2251->2252 2252->2241 2253 7ff6472977c4-7ff6472977cc 2252->2253 2253->2241 2254 7ff6472977ce-7ff6472977da 2253->2254 2254->2236 2255 7ff6472977dc-7ff6472977e3 2254->2255 2255->2236
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                            • LoadLibraryW.KERNELBASE(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975B5
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975C8
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975DF
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975F6
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF64729760D
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297624
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF64729763B
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297652
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297669
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297680
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297697
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976AE
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976C5
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976DC
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976F3
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF64729770A
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297721
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727AAB0: VerSetConditionMask.KERNEL32 ref: 00007FF64727AB0C
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727AAB0: VerSetConditionMask.KERNEL32 ref: 00007FF64727AB1B
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727AAB0: VerSetConditionMask.KERNEL32 ref: 00007FF64727AB2A
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727AAB0: VerifyVersionInfoW.KERNEL32 ref: 00007FF64727AB4F
                                                                                                                                                                                                                            • LoadLibraryW.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297730
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$ConditionMask$LibraryLoad$HeapInfoProcessVerifyVersion
                                                                                                                                                                                                                            • String ID: ActiveOverlayAcPowerScheme$PowerDeleteScheme$PowerDuplicateScheme$PowerEnumerate$PowerGetActiveScheme$PowerGetActualOverlayScheme$PowerReadACValueIndex$PowerReadDCValueIndex$PowerReadFriendlyName$PowerReadPossibleValue$PowerSetActiveOverlayScheme$PowerSetActiveScheme$PowerWriteACValueIndex$PowerWriteDCValueIndex$PowerWriteDescription$PowerWriteFriendlyName$PowerWriteSettingAttributes$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes$powrprof.dll
                                                                                                                                                                                                                            • API String ID: 4168483749-1175917334
                                                                                                                                                                                                                            • Opcode ID: 09ed8121b2b4141d1ba04d19f5d52d264753ad36cec8d997afcf9a6ab3425090
                                                                                                                                                                                                                            • Instruction ID: 2cf5e1ca698c553283c4504a421cd172f02aded713859a4e3c132843697ecf65
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09ed8121b2b4141d1ba04d19f5d52d264753ad36cec8d997afcf9a6ab3425090
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8A1D364A0DB42C9FB55BB64EB983BB32A5EF15784F441236C94D963B0EF7CA088C245
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727AE40 Relevance: 54.5, APIs: 24, Strings: 7, Instructions: 273registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2256 7ff64727ae40-7ff64727ae72 2257 7ff64727ae7b-7ff64727ae81 2256->2257 2258 7ff64727ae74-7ff64727ae76 2256->2258 2260 7ff64727ae93-7ff64727ae9e call 7ff6472719d0 2257->2260 2261 7ff64727ae83-7ff64727ae90 call 7ff64727aba0 2257->2261 2259 7ff64727b2b1-7ff64727b2d5 call 7ff64729f650 2258->2259 2268 7ff64727b2d6-7ff64727b2e0 call 7ff647271810 2260->2268 2269 7ff64727aea4-7ff64727af0d call 7ff6472726e0 RegCreateKeyExW 2260->2269 2261->2260 2275 7ff64727af42-7ff64727af80 RegCreateKeyExW 2269->2275 2276 7ff64727af0f-7ff64727af3c RegSetValueExW RegCloseKey 2269->2276 2277 7ff64727afb7-7ff64727aff9 RegCreateKeyExW 2275->2277 2278 7ff64727af82-7ff64727afb1 RegSetValueExW RegCloseKey 2275->2278 2276->2275 2279 7ff64727affb-7ff64727b02a RegSetValueExW RegCloseKey 2277->2279 2280 7ff64727b030-7ff64727b072 RegCreateKeyExW 2277->2280 2278->2277 2279->2280 2281 7ff64727b0a9-7ff64727b0eb RegCreateKeyExW 2280->2281 2282 7ff64727b074-7ff64727b0a3 RegSetValueExW RegCloseKey 2280->2282 2283 7ff64727b0ed-7ff64727b11c RegSetValueExW RegCloseKey 2281->2283 2284 7ff64727b122-7ff64727b164 RegCreateKeyExW 2281->2284 2282->2281 2283->2284 2285 7ff64727b19b-7ff64727b1e4 RegCreateKeyExW 2284->2285 2286 7ff64727b166-7ff64727b195 RegSetValueExW RegCloseKey 2284->2286 2287 7ff64727b1e6-7ff64727b20f RegSetValueExW RegCloseKey 2285->2287 2288 7ff64727b215-7ff64727b257 RegCreateKeyExW 2285->2288 2286->2285 2287->2288 2289 7ff64727b28d 2288->2289 2290 7ff64727b259-7ff64727b28b RegSetValueExW RegCloseKey 2288->2290 2291 7ff64727b290-7ff64727b2a1 2289->2291 2290->2291 2292 7ff64727b2ad 2291->2292 2293 7ff64727b2a3-7ff64727b2a6 2291->2293 2292->2259 2293->2292
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseCreateValue
                                                                                                                                                                                                                            • String ID: InstallerLanguage$InstallerLanguageDWORD$Language$ProcessLasso$SOFTWARE\ProcessLasso$Software\%s$Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 1818849710-2766884324
                                                                                                                                                                                                                            • Opcode ID: e52ac291a5955ab5a9180b9b2562ebf5df27543f12062a6207e05287ab1d4882
                                                                                                                                                                                                                            • Instruction ID: 1bd20ef48957c3e308f2bb87e01d046443e033bbd2f1cb59d2eee488994d1255
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e52ac291a5955ab5a9180b9b2562ebf5df27543f12062a6207e05287ab1d4882
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0ED12F76A18B51CAE720AF24E98079A77B4FB88794F500235EE8D93B58DF3CD104CB44
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727FF00 Relevance: 44.0, APIs: 22, Strings: 3, Instructions: 209registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2294 7ff64727ff00-7ff64727ff40 call 7ff6472719d0 2297 7ff64727ff46-7ff64727ff87 RegOpenKeyExW 2294->2297 2298 7ff6472802b4-7ff6472802bf call 7ff647271810 2294->2298 2302 7ff64727ff89-7ff64727ffc9 RegQueryValueExW 2297->2302 2303 7ff64727ffe4-7ff647280012 RegOpenKeyExW 2297->2303 2304 7ff64727ffcb-7ff64727ffd1 RegCloseKey 2302->2304 2305 7ff64727ffd3-7ff64727ffde RegCloseKey 2302->2305 2306 7ff647280018-7ff647280058 RegQueryValueExW 2303->2306 2307 7ff647280271-7ff64728027d 2303->2307 2304->2303 2305->2303 2305->2307 2308 7ff64728026a-7ff647280270 RegCloseKey 2306->2308 2309 7ff64728005e-7ff647280069 RegCloseKey 2306->2309 2310 7ff647280288-7ff6472802b3 call 7ff64729f650 2307->2310 2311 7ff64728027f-7ff647280282 2307->2311 2308->2307 2309->2307 2312 7ff64728006f-7ff647280073 2309->2312 2311->2310 2314 7ff647280076-7ff64728007e 2312->2314 2314->2314 2316 7ff647280080-7ff6472800d2 call 7ff6472723e0 RegCreateKeyExW 2314->2316 2319 7ff6472800d4-7ff6472800d7 2316->2319 2320 7ff647280121-7ff64728014a RegOpenKeyExW 2316->2320 2323 7ff6472800e0-7ff6472800e9 2319->2323 2321 7ff64728014c-7ff647280182 RegQueryValueExW RegCloseKey 2320->2321 2322 7ff6472801ca-7ff6472801f2 RegOpenKeyExW 2320->2322 2321->2322 2324 7ff647280184-7ff6472801ab RegOpenKeyExW 2321->2324 2322->2307 2325 7ff6472801f4-7ff647280228 RegQueryValueExW RegCloseKey 2322->2325 2323->2323 2326 7ff6472800eb-7ff64728011b RegSetValueExW RegCloseKey 2323->2326 2324->2322 2327 7ff6472801ad-7ff6472801c4 RegDeleteValueW RegCloseKey 2324->2327 2325->2307 2328 7ff64728022a-7ff647280251 RegOpenKeyExW 2325->2328 2326->2320 2327->2322 2328->2307 2329 7ff647280253-7ff647280265 RegDeleteValueW 2328->2329 2329->2308
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$Value$Open$Query$Delete$CreateHeapProcess
                                                                                                                                                                                                                            • String ID: ConfigFolder$ConfigFolderEx$Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 1838264270-1791053950
                                                                                                                                                                                                                            • Opcode ID: f0fcc7f52375437ba0103174d3ccc00a7f8c54ec89dbee7156f5cc7e3d4383de
                                                                                                                                                                                                                            • Instruction ID: 00d51cca9cbfc2f9ff8743a5d449658632d874a92bc16499697d2b957c497f91
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f0fcc7f52375437ba0103174d3ccc00a7f8c54ec89dbee7156f5cc7e3d4383de
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0AB14B36A0CB51CAEB20EF24E9406AA73A4FB58795F500235DE8DA3B68DF3CD544CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647276900 Relevance: 38.6, APIs: 16, Strings: 6, Instructions: 136registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$CreateValue
                                                                                                                                                                                                                            • String ID: 14.0.2.12$DisplayVersion$SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ProcessLasso$Version$VersionMajor$VersionMinor
                                                                                                                                                                                                                            • API String ID: 1009429713-2776267438
                                                                                                                                                                                                                            • Opcode ID: 0774a4a3b06b0d30846dc409895242c621553b86b7e8252fb3383cc305753080
                                                                                                                                                                                                                            • Instruction ID: 13aeb8d52e5f87b99b1b725e590f0ce0be2f2867ce2b33d22b802b0c52c6c3f7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0774a4a3b06b0d30846dc409895242c621553b86b7e8252fb3383cc305753080
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B618D72A1CB42C6E720BB10F94466B77A4FB987C5F541235EA8D87A68DF3CD248CB04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647276600 Relevance: 35.2, APIs: 18, Strings: 2, Instructions: 224servicelibrarywindowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2385 7ff647276600-7ff647276679 call 7ff64729ed4c 2388 7ff64727667b-7ff647276691 call 7ff64727aab0 * 2 2385->2388 2389 7ff647276698-7ff64727669f 2385->2389 2388->2389 2391 7ff6472766a5-7ff6472766bb OpenSCManagerW 2389->2391 2392 7ff647276841 2389->2392 2395 7ff6472766bd-7ff6472766d9 OpenServiceW 2391->2395 2396 7ff64727672a-7ff64727674a call 7ff647296de0 call 7ff647296fc0 OpenSCManagerW 2391->2396 2393 7ff647276843-7ff647276855 call 7ff64729ed48 2392->2393 2408 7ff6472768b6-7ff6472768d5 2393->2408 2409 7ff647276857-7ff647276897 call 7ff647278290 2393->2409 2400 7ff6472766db-7ff6472766e4 CloseServiceHandle 2395->2400 2401 7ff6472766e6-7ff64727671d QueryServiceStatus CloseServiceHandle * 2 2395->2401 2412 7ff64727674c-7ff647276768 OpenServiceW 2396->2412 2413 7ff6472767b9-7ff6472767d8 LoadStringW 2396->2413 2400->2396 2401->2396 2402 7ff64727671f-7ff647276724 2401->2402 2402->2396 2406 7ff64727683d-7ff64727683f 2402->2406 2406->2393 2417 7ff647276899-7ff6472768ac 2409->2417 2418 7ff6472768ae-7ff6472768b1 call 7ff64729f350 2409->2418 2415 7ff64727676a-7ff647276773 CloseServiceHandle 2412->2415 2416 7ff647276775-7ff6472767ac QueryServiceStatus CloseServiceHandle * 2 2412->2416 2419 7ff6472767da-7ff6472767e0 2413->2419 2420 7ff647276824-7ff647276837 MessageBoxW 2413->2420 2415->2413 2416->2413 2421 7ff6472767ae-7ff6472767b3 2416->2421 2417->2418 2422 7ff6472768d6-7ff64727820f call 7ff6472aa30c call 7ff64729ed48 2417->2422 2418->2408 2424 7ff6472767f6-7ff64727681d GetModuleHandleW LoadStringW 2419->2424 2425 7ff6472767e2-7ff6472767ef LoadLibraryW 2419->2425 2420->2406 2421->2406 2421->2413 2432 7ff647278276-7ff64727827b 2422->2432 2433 7ff647278211-7ff64727824a call 7ff647278290 2422->2433 2424->2420 2427 7ff64727681f 2424->2427 2425->2424 2427->2420 2436 7ff64727824c-7ff64727825f 2433->2436 2437 7ff647278264-7ff647278272 call 7ff64729f350 2433->2437 2438 7ff64727827c-7ff647278281 call 7ff6472aa30c 2436->2438 2439 7ff647278261 2436->2439 2437->2432 2439->2437
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Service$Handle$Close$Open$ConditionLoadMask$ManagerQueryStatusString$InfoLibraryMessageModuleVerifyVersion_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                            • String ID: Process Lasso$Schedule
                                                                                                                                                                                                                            • API String ID: 3017167772-1661736997
                                                                                                                                                                                                                            • Opcode ID: f54d2dd6924b15e41e6fa316eea12e5d2a7f460d255752e89e9faa78277ed2ae
                                                                                                                                                                                                                            • Instruction ID: 62a643be91c9271038074c9acf8c7f15c264261420ae6307882a473248d69460
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f54d2dd6924b15e41e6fa316eea12e5d2a7f460d255752e89e9faa78277ed2ae
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2491CE62B0C782CAFB14FB61A64527B23A1EF99BC4F144135DE8D96798EF3CE5858700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472807A0 Relevance: 30.2, APIs: 12, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2444 7ff6472807a0-7ff6472808d9 call 7ff6472bd490 * 5 call 7ff64729f38c call 7ff64729da10 call 7ff6472974d0 call 7ff6472719d0 2463 7ff647281012-7ff64728101c call 7ff647271810 2444->2463 2464 7ff6472808df-7ff6472808fb call 7ff6472719d0 2444->2464 2469 7ff64728101d-7ff647281027 call 7ff647271810 2463->2469 2464->2469 2472 7ff647280901-7ff64728091d call 7ff6472719d0 2464->2472 2474 7ff647281028-7ff647281032 call 7ff647271810 2469->2474 2472->2474 2482 7ff647280923-7ff64728093f call 7ff6472719d0 2472->2482 2480 7ff647281033-7ff64728103d call 7ff647271810 2474->2480 2484 7ff64728103e-7ff647281048 call 7ff647271810 2480->2484 2482->2480 2491 7ff647280945-7ff647280961 call 7ff6472719d0 2482->2491 2490 7ff647281049-7ff647281053 call 7ff647271810 2484->2490 2495 7ff647281054-7ff64728105e call 7ff647271810 2490->2495 2491->2484 2499 7ff647280967-7ff647280983 call 7ff6472719d0 2491->2499 2501 7ff64728105f-7ff647281069 call 7ff647271810 2495->2501 2499->2490 2508 7ff647280989-7ff6472809a5 call 7ff6472719d0 2499->2508 2507 7ff64728106a-7ff647281074 call 7ff647271810 2501->2507 2511 7ff647281075-7ff64728107f call 7ff647271810 2507->2511 2508->2495 2518 7ff6472809ab-7ff6472809d9 call 7ff6472719d0 2508->2518 2517 7ff647281080-7ff64728108a call 7ff647271810 2511->2517 2522 7ff64728108b-7ff647281095 call 7ff647271810 2517->2522 2518->2501 2526 7ff6472809df-7ff6472809fb call 7ff6472719d0 2518->2526 2528 7ff647281096-7ff6472810a0 call 7ff647271810 2522->2528 2526->2507 2535 7ff647280a01-7ff647280a1d call 7ff6472719d0 2526->2535 2534 7ff6472810a1-7ff6472810ab call 7ff647271810 2528->2534 2538 7ff6472810ac-7ff6472810e4 call 7ff647271810 call 7ff647294fb0 2534->2538 2535->2511 2545 7ff647280a23-7ff647280a3f call 7ff6472719d0 2535->2545 2545->2517 2550 7ff647280a45-7ff647280a61 call 7ff6472719d0 2545->2550 2550->2522 2554 7ff647280a67-7ff647280a83 call 7ff6472719d0 2550->2554 2554->2528 2558 7ff647280a89-7ff647280aa5 call 7ff6472719d0 2554->2558 2558->2534 2562 7ff647280aab-7ff647280ac7 call 7ff6472719d0 2558->2562 2562->2538 2566 7ff647280acd-7ff647280ae9 call 7ff6472719d0 2562->2566 2570 7ff647281007-7ff647281011 call 7ff647271810 2566->2570 2571 7ff647280aef-7ff647280ff3 call 7ff64729f38c * 2 call 7ff64729ed4c call 7ff64729f38c * 2 call 7ff64729ed4c * 3 GetSystemInfo call 7ff647271f60 call 7ff6472aa548 InitializeCriticalSection * 8 call 7ff6472818a0 CreateEventW * 3 call 7ff647290110 2566->2571 2570->2463 2598 7ff647280ff8-7ff647281006 2571->2598
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: LoadLibraryW.KERNELBASE(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975B5
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975C8
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975DF
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472975F6
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF64729760D
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297624
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF64729763B
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297652
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297669
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297680
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647297697
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976AE
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472974D0: GetProcAddress.KERNEL32(?,?,?,00007FF6472808CD,?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF6472976C5
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3BC
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3C2
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _set_fmode.LIBCMT ref: 00007FF64729F3DF
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _RTC_Initialize.LIBCMT ref: 00007FF64729F400
                                                                                                                                                                                                                            • GetSystemInfo.KERNELBASE(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280E9C
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472AA548: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472AA57B
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280EFA
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F07
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F14
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F21
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F2E
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F3B
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F48
                                                                                                                                                                                                                            • InitializeCriticalSection.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280F55
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472818A0: RegCreateKeyExW.KERNELBASE ref: 00007FF647281A2A
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472818A0: RegQueryValueExW.KERNELBASE ref: 00007FF647281A6C
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472818A0: RegCloseKey.ADVAPI32 ref: 00007FF647281A82
                                                                                                                                                                                                                            • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280FA9
                                                                                                                                                                                                                            • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280FC4
                                                                                                                                                                                                                            • CreateEventW.KERNEL32(?,?,?,?,?,?,?,00007FF6472715E9), ref: 00007FF647280FDF
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$Initialize$CriticalSection$Create$Event$Concurrency::cancel_current_task$CloseHeapInfoLibraryLoadProcessQuerySystemValue_invalid_parameter_noinfo_set_fmode
                                                                                                                                                                                                                            • String ID: Lasso777$Lasso888_2$ProcessLasso$processlasso.exe${49da4c63-c475-4b6c-83f3-c78a9fe813c2}
                                                                                                                                                                                                                            • API String ID: 3085513432-3393618270
                                                                                                                                                                                                                            • Opcode ID: c5016022a36452efd5fe04f9f36f73eead90503695f41aadfe1434f21280fbed
                                                                                                                                                                                                                            • Instruction ID: 700e3133c3cad641cefaadd7296b58057c6ae5cb2f73132a8fc35a04a8b0ef3a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c5016022a36452efd5fe04f9f36f73eead90503695f41aadfe1434f21280fbed
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6423521D0DB8BC1E610FB64EE8107A33A1BF99700F645A39D99CD76A1EF7CA5928344
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727EAA0 Relevance: 30.0, APIs: 14, Strings: 3, Instructions: 243memorycomCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2767 7ff64727eaa0-7ff64727eacc 2768 7ff64727eaec-7ff64727eaf3 2767->2768 2769 7ff64727eace-7ff64727eae5 call 7ff64727aab0 * 2 2767->2769 2770 7ff64727eafc-7ff64727eb07 call 7ff6472719d0 2768->2770 2771 7ff64727eaf5-7ff64727eaf7 2768->2771 2769->2768 2779 7ff64727eb0d-7ff64727eb22 2770->2779 2780 7ff64727ee2a-7ff64727ee34 call 7ff647271810 2770->2780 2773 7ff64727ebbb-7ff64727ebdb call 7ff64729f650 2771->2773 2787 7ff64727eb24-7ff64727eb3b call 7ff64727aab0 * 2 2779->2787 2788 7ff64727eb42-7ff64727eb49 2779->2788 2786 7ff64727ee35-7ff64727ee3f call 7ff64729ff10 2780->2786 2800 7ff64727ee40-7ff64727ee4a call 7ff64729ff10 2786->2800 2787->2788 2791 7ff64727eb4b-7ff64727eb80 CoInitializeEx CoCreateInstance 2788->2791 2792 7ff64727eb95 2788->2792 2796 7ff64727ebdc-7ff64727ecac VariantInit * 4 2791->2796 2797 7ff64727eb82-7ff64727eb90 call 7ff6472726e0 2791->2797 2793 7ff64727eb97-7ff64727ebac 2792->2793 2798 7ff64727ebb8 2793->2798 2799 7ff64727ebae-7ff64727ebb1 2793->2799 2804 7ff64727ecb3-7ff64727ece5 VariantClear * 4 2796->2804 2797->2792 2798->2773 2799->2798 2810 7ff64727ee4b-7ff64727ee55 call 7ff64729ff10 2800->2810 2807 7ff64727ece7-7ff64727ecf5 call 7ff6472726e0 2804->2807 2808 7ff64727ed0f-7ff64727ed28 call 7ff64729f38c 2804->2808 2814 7ff64727ecfa-7ff64727ed0a CoUninitialize 2807->2814 2815 7ff64727ed5c 2808->2815 2816 7ff64727ed2a-7ff64727ed54 SysAllocString 2808->2816 2814->2792 2819 7ff64727ed5f-7ff64727ed67 2815->2819 2816->2786 2818 7ff64727ed5a 2816->2818 2818->2819 2819->2810 2821 7ff64727ed6d-7ff64727ed8c call 7ff64727d7a0 2819->2821 2821->2814 2825 7ff64727ed92-7ff64727ed9a 2821->2825 2826 7ff64727ed9c-7ff64727edb1 call 7ff64729f38c 2825->2826 2827 7ff64727ee09-7ff64727ee25 CoUninitialize 2825->2827 2831 7ff64727edb3-7ff64727eddd SysAllocString 2826->2831 2832 7ff64727ede1 2826->2832 2827->2793 2831->2800 2833 7ff64727eddf 2831->2833 2834 7ff64727ede4-7ff64727edec 2832->2834 2833->2834 2834->2810 2836 7ff64727edee-7ff64727ee04 call 7ff64727d7a0 2834->2836 2836->2827
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • ITaskService::Connect failed: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!, xrefs: 00007FF64727ECEA
                                                                                                                                                                                                                            • Session agent for Process Lasso, xrefs: 00007FF64727EDCA
                                                                                                                                                                                                                            • ITaskService creation failure: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!, xrefs: 00007FF64727EB85
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Variant$ClearInit$ConditionMask$AllocStringUninitialize$CreateHeapInfoInitializeInstanceProcessVerifyVersion
                                                                                                                                                                                                                            • String ID: ITaskService creation failure: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!$ITaskService::Connect failed: %xEFFECT: Can not set Process Lasso to start at login with elevated rights!$Session agent for Process Lasso
                                                                                                                                                                                                                            • API String ID: 3355186796-1443162280
                                                                                                                                                                                                                            • Opcode ID: b7e8d601d3a751e8481b133666f91a045c9bc4dd0992ded6e0169d8e6af509c8
                                                                                                                                                                                                                            • Instruction ID: aa5a5209b23a548685da6d7b0926e66be6f6ff3eb062469f15b12e26786aa7ab
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b7e8d601d3a751e8481b133666f91a045c9bc4dd0992ded6e0169d8e6af509c8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 67B17022A0CB82CAEB51BF34DA401AA77B0FF95755F045236EA4D976A5EF3CE484C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727EE60 Relevance: 24.3, APIs: 16, Instructions: 279commemoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 3023 7ff64727ee60-7ff64727ee9c 3024 7ff64727eebc-7ff64727eec3 3023->3024 3025 7ff64727ee9e-7ff64727eeb5 call 7ff64727aab0 * 2 3023->3025 3027 7ff64727f01c 3024->3027 3028 7ff64727eec9-7ff64727ef04 CoInitializeEx CoCreateInstance 3024->3028 3025->3024 3029 7ff64727f01e-7ff64727f048 call 7ff64729f650 3027->3029 3031 7ff64727ef0a-7ff64727f00a VariantInit * 4 VariantClear * 4 3028->3031 3032 7ff64727f016 CoUninitialize 3028->3032 3038 7ff64727f00c-7ff64727f010 3031->3038 3039 7ff64727f049-7ff64727f061 call 7ff64729f38c 3031->3039 3032->3027 3038->3032 3042 7ff64727f063-7ff64727f08a SysAllocString 3039->3042 3043 7ff64727f092 3039->3043 3044 7ff64727f278-7ff64727f282 call 7ff64729ff10 3042->3044 3045 7ff64727f090 3042->3045 3046 7ff64727f095-7ff64727f09c 3043->3046 3045->3046 3048 7ff64727f26d-7ff64727f277 call 7ff64729ff10 3046->3048 3049 7ff64727f0a2-7ff64727f0ca call 7ff64727d7a0 3046->3049 3048->3044 3049->3032 3057 7ff64727f0d0-7ff64727f0f2 3049->3057 3057->3032 3060 7ff64727f0f8-7ff64727f118 3057->3060 3062 7ff64727f11a 3060->3062 3063 7ff64727f123-7ff64727f128 3060->3063 3062->3063 3063->3062 3064 7ff64727f12a 3063->3064 3065 7ff64727f130-7ff64727f17b VariantClear 3064->3065 3067 7ff64727f181-7ff64727f18c 3065->3067 3068 7ff64727f21e-7ff64727f224 3065->3068 3070 7ff64727f196-7ff64727f198 3067->3070 3068->3065 3069 7ff64727f22a 3068->3069 3071 7ff64727f233-7ff64727f23a 3069->3071 3070->3068 3072 7ff64727f19e-7ff64727f1b2 3070->3072 3073 7ff64727f23c 3071->3073 3074 7ff64727f242-7ff64727f268 SysFreeString CoUninitialize 3071->3074 3076 7ff64727f214-7ff64727f218 3072->3076 3077 7ff64727f1b4-7ff64727f1c2 call 7ff6472a8dac 3072->3077 3073->3074 3074->3029 3076->3068 3082 7ff64727f20a-7ff64727f20e SysFreeString 3077->3082 3083 7ff64727f1c4-7ff64727f208 3077->3083 3082->3076 3083->3071 3083->3082
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Variant$Clear$Init$ConditionMaskString$FreeUninitialize$AllocCreateInfoInitializeInstanceVerifyVersion
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2615741166-0
                                                                                                                                                                                                                            • Opcode ID: b169e3ea852958f5dcd89729fd100f21ea741b63ad761c90139c4db5a653fbc5
                                                                                                                                                                                                                            • Instruction ID: eab850a5182254b0d490f35dd5ff014a7bd298fe9b7feb7d39814595cfc76dd7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b169e3ea852958f5dcd89729fd100f21ea741b63ad761c90139c4db5a653fbc5
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 27D15C22A08B85CAEB11EF75D9402AE73B0FF95B49F145136EA4D97A18EF38D585C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647298470 Relevance: 23.1, APIs: 5, Strings: 8, Instructions: 391COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 3085 7ff647298470-7ff6472984a0 3086 7ff6472984a2-7ff6472984a4 3085->3086 3087 7ff6472984a9-7ff6472984b4 call 7ff6472719d0 3085->3087 3089 7ff647298689-7ff6472986ad call 7ff64729f650 3086->3089 3092 7ff6472986b4-7ff6472986be call 7ff647271810 3087->3092 3093 7ff6472984ba-7ff6472984d3 3087->3093 3100 7ff6472986bf-7ff6472986c9 call 7ff647271810 3092->3100 3098 7ff6472984d5-7ff6472984d8 3093->3098 3099 7ff6472984f8-7ff647298524 call 7ff647297300 call 7ff647297f30 3093->3099 3102 7ff6472984e0-7ff6472984e9 3098->3102 3113 7ff6472985fa 3099->3113 3114 7ff64729852a-7ff64729853e 3099->3114 3107 7ff6472986ca-7ff647298739 call 7ff647271810 call 7ff647298470 3100->3107 3102->3102 3105 7ff6472984eb-7ff6472984f3 call 7ff6472723e0 3102->3105 3105->3099 3125 7ff647298747-7ff647298752 call 7ff6472719d0 3107->3125 3126 7ff64729873b-7ff647298742 3107->3126 3116 7ff6472985ff-7ff647298618 call 7ff6472a8dac 3113->3116 3114->3116 3117 7ff647298544-7ff64729854f call 7ff6472719d0 3114->3117 3127 7ff64729862a 3116->3127 3128 7ff64729861a-7ff647298620 call 7ff647299540 3116->3128 3117->3107 3124 7ff647298555-7ff647298579 call 7ff647297e10 3117->3124 3149 7ff64729857e-7ff647298585 3124->3149 3142 7ff6472989e6-7ff6472989f0 call 7ff647271810 3125->3142 3143 7ff647298758-7ff647298778 call 7ff647297e10 3125->3143 3129 7ff6472989b3-7ff6472989da call 7ff64729f650 3126->3129 3132 7ff64729862d-7ff647298630 3127->3132 3134 7ff647298625-7ff647298628 3128->3134 3137 7ff647298632-7ff647298648 3132->3137 3138 7ff647298668-7ff647298679 3132->3138 3134->3132 3145 7ff64729865f-7ff647298667 call 7ff64729f350 3137->3145 3146 7ff64729864a-7ff64729865d 3137->3146 3139 7ff647298685 3138->3139 3140 7ff64729867b-7ff64729867e 3138->3140 3139->3089 3140->3139 3165 7ff6472987a8-7ff6472987bf 3143->3165 3166 7ff64729877a-7ff647298796 3143->3166 3145->3138 3146->3145 3150 7ff6472986ae-7ff6472986b3 call 7ff6472aa30c 3146->3150 3153 7ff6472985a1-7ff6472985af 3149->3153 3154 7ff647298587-7ff64729858f 3149->3154 3150->3092 3159 7ff6472985b1-7ff6472985b4 3153->3159 3160 7ff6472985ba-7ff6472985c1 3153->3160 3154->3100 3157 7ff647298595-7ff64729859f call 7ff6472a8dac 3154->3157 3157->3153 3172 7ff6472985cd-7ff6472985e5 3157->3172 3159->3160 3160->3113 3164 7ff6472985c3-7ff6472985c8 3160->3164 3164->3117 3170 7ff6472987c1-7ff6472987c4 3165->3170 3171 7ff6472987ca-7ff6472987d9 3165->3171 3168 7ff6472987a1-7ff6472987a3 3166->3168 3169 7ff647298798-7ff64729879b 3166->3169 3168->3129 3169->3168 3170->3171 3175 7ff6472987df-7ff647298806 call 7ff6472719d0 3171->3175 3176 7ff64729888d 3171->3176 3173 7ff6472985f0-7ff6472985f8 3172->3173 3174 7ff6472985e7-7ff6472985ea 3172->3174 3173->3132 3174->3173 3181 7ff6472989db-7ff6472989e5 call 7ff647271810 3175->3181 3182 7ff64729880c-7ff647298825 call 7ff647297e10 3175->3182 3178 7ff647298894 3176->3178 3180 7ff647298898-7ff6472988a3 3178->3180 3183 7ff6472988b2-7ff6472988ba 3180->3183 3184 7ff6472988a5-7ff6472988b0 3180->3184 3181->3142 3193 7ff64729882a-7ff647298830 3182->3193 3187 7ff6472988c2-7ff6472988c4 3183->3187 3184->3183 3186 7ff6472988ca-7ff6472988d1 3184->3186 3189 7ff6472989b1 3186->3189 3190 7ff6472988d7-7ff647298972 call 7ff647298a00 RegCreateKeyExW 3186->3190 3187->3186 3187->3189 3189->3129 3205 7ff6472989a3-7ff6472989af LocalFree 3190->3205 3206 7ff647298974-7ff64729899d RegSetValueExW RegCloseKey 3190->3206 3195 7ff647298832-7ff647298836 3193->3195 3196 7ff64729886d-7ff647298879 3193->3196 3195->3196 3197 7ff647298838-7ff647298844 3195->3197 3199 7ff647298884-7ff64729888b 3196->3199 3200 7ff64729887b-7ff64729887e 3196->3200 3201 7ff64729884f-7ff64729886b 3197->3201 3202 7ff647298846-7ff647298849 3197->3202 3199->3178 3200->3199 3201->3180 3202->3201 3205->3129 3206->3205
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: Bitsum Highest Performance$CustomHighPerfGUID$GIa$GIa$Provides Bitsum optimized CPU performance.$Software\ProcessLasso$X$true
                                                                                                                                                                                                                            • API String ID: 0-1380875779
                                                                                                                                                                                                                            • Opcode ID: 3f2c81e34bdc15ea7eca2be8ec28529d3c7d47d82c41fb9a7d4de4ac00fe2ced
                                                                                                                                                                                                                            • Instruction ID: 7940664b77002b481915a1af3996dfda6955da5f5c9fa031d4284ef0e627516b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3f2c81e34bdc15ea7eca2be8ec28529d3c7d47d82c41fb9a7d4de4ac00fe2ced
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F5F19FA2B0CA41C6EB10BF25D6402AE6360FF95BA8F088235DE9D97795DF3CE585C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647291D80 Relevance: 21.5, APIs: 10, Strings: 2, Instructions: 468filesleepCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Write$Close$BuffersChangeCreateErrorFindFlushHandleLastNotificationSleep
                                                                                                                                                                                                                            • String ID: %s=%s$[%s]
                                                                                                                                                                                                                            • API String ID: 4003643591-2213662286
                                                                                                                                                                                                                            • Opcode ID: b1b08e58a74f563cc62f9bba764db4006210615f7e5419a3fbc641f41a9b4dc0
                                                                                                                                                                                                                            • Instruction ID: e744eb9fa9cca319478df5792febc6e345d8e070dcf42a3ed209fa9ade525e2d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b1b08e58a74f563cc62f9bba764db4006210615f7e5419a3fbc641f41a9b4dc0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89126DB2B08A42C6EB14BF6AD6501BE33A0FB54B98B484635DF1E97795DF38E845C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290FD0 Relevance: 17.4, APIs: 11, Instructions: 888fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Create$CloseHandleVolume_invalid_parameter_noinfo$Concurrency::cancel_current_taskMountNamePointReadSizeSleep_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 718627020-0
                                                                                                                                                                                                                            • Opcode ID: e3ae5806955170da44af843c317a805e75f479a3017873314104dfefbc1ce811
                                                                                                                                                                                                                            • Instruction ID: b0ad22ec5f92e7bde4ee06adc828953076ecf08e89fe7057a8fb6db636456ea4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3ae5806955170da44af843c317a805e75f479a3017873314104dfefbc1ce811
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE8262A2B0D682C6EB64BF26C6403BE23A1FF51BA4F484235CA1DA76D5DF38E545C341
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472904D0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 139COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegOpenKeyExW.KERNELBASE ref: 00007FF647290A65
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegQueryValueExW.KERNELBASE ref: 00007FF647290AA7
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegCloseKey.KERNELBASE ref: 00007FF647290AB6
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegCloseKey.ADVAPI32 ref: 00007FF647290ADF
                                                                                                                                                                                                                            • SHGetSpecialFolderPathW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF6472905C6
                                                                                                                                                                                                                            • SHGetSpecialFolderPathW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF6472905E8
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF647290655
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF647290668
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF6472906B2
                                                                                                                                                                                                                            • MoveFileExW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,00007FF647280FF8), ref: 00007FF6472906D0
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseCreateDirectoryFileFolderPathSpecial$AttributesHeapMoveOpenProcessQueryValue
                                                                                                                                                                                                                            • String ID: ConfigPathMigrationComplete
                                                                                                                                                                                                                            • API String ID: 3247522341-180962690
                                                                                                                                                                                                                            • Opcode ID: cf80da3075fc3122b574f9883be9bb49eafb0302d2c7bec1e234de719e937d60
                                                                                                                                                                                                                            • Instruction ID: 694cb62bc08691aeb4aec23187e4e62aee288d07a3f7104c2859d4e62d283eac
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf80da3075fc3122b574f9883be9bb49eafb0302d2c7bec1e234de719e937d60
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0961D262B2CA86C6EB30BF24D9012BB2360FFA0754F859635D69D872D5DF2CE684C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647271090 Relevance: 42.2, APIs: 2, Strings: 22, Instructions: 230libraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3BC
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3C2
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _set_fmode.LIBCMT ref: 00007FF64729F3DF
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _RTC_Initialize.LIBCMT ref: 00007FF64729F400
                                                                                                                                                                                                                              • Part of subcall function 00007FF647272C40: std::_Xinvalid_argument.LIBCPMT ref: 00007FF647272C4B
                                                                                                                                                                                                                            • LoadLibraryW.KERNELBASE ref: 00007FF64727144D
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32 ref: 00007FF64727148D
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_task$HandleInitializeLibraryLoadModuleXinvalid_argument_set_fmodestd::_
                                                                                                                                                                                                                            • String ID: Bulgarian$Chinese Simplified$Chinese Traditional$English$Error$Finnish$French$German$Italian$Japanese$Korean$Polish$Portuguese/Brazilian$ProcessLasso$ProcessLasso$Russian$SOFTWARE\%s$SOFTWARE\ProcessLasso$Slovenian$Spanish$Turkish$pl_rsrc_english.dll
                                                                                                                                                                                                                            • API String ID: 4046792538-3671896296
                                                                                                                                                                                                                            • Opcode ID: 32ef7a04d3724c9592a05ad61af77f949e3c93542a70ab87d841dcb1f79dceed
                                                                                                                                                                                                                            • Instruction ID: 78b7e6ab9f78c35e4f088a9f72d4aa430ff0c6a6f1f968e3c90f546bc21fd1c5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 32ef7a04d3724c9592a05ad61af77f949e3c93542a70ab87d841dcb1f79dceed
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45C16A72A09B81D9E350EF10E9442AA77B8FB98788F504139EB8C93764EF7CD199C744
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647281100 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 432COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2599 7ff647281100-7ff64728111c 2600 7ff647281124-7ff647281130 2599->2600 2601 7ff64728111e CloseHandle 2599->2601 2602 7ff647281132-7ff647281138 CloseHandle 2600->2602 2603 7ff64728113f-7ff647281149 2600->2603 2601->2600 2602->2603 2604 7ff64728116b-7ff647281174 CloseHandle 2603->2604 2605 7ff64728114b-7ff647281169 CreateEventW 2603->2605 2606 7ff64728117b-7ff647281185 2604->2606 2605->2604 2605->2606 2607 7ff6472811a7-7ff6472811b0 CloseHandle 2606->2607 2608 7ff647281187-7ff6472811a5 CreateEventW 2606->2608 2609 7ff6472811b7-7ff6472812e8 DeleteCriticalSection * 8 call 7ff647271fe0 call 7ff64729ed48 * 3 call 7ff6472941b0 call 7ff647271fe0 call 7ff6472729b0 call 7ff64729f350 call 7ff647294320 call 7ff647294490 call 7ff6472945f0 call 7ff647294770 call 7ff6472945f0 * 2 2607->2609 2608->2607 2608->2609 2638 7ff6472812ea-7ff6472812ff 2609->2638 2639 7ff647281337-7ff64728137d call 7ff647271fe0 * 5 2609->2639 2640 7ff64728131d-7ff647281330 call 7ff64729f350 2638->2640 2641 7ff647281301-7ff647281314 2638->2641 2658 7ff6472813cc-7ff647281406 call 7ff647271fe0 * 4 2639->2658 2659 7ff64728137f-7ff647281394 2639->2659 2640->2639 2643 7ff64728131a 2641->2643 2644 7ff64728188f-7ff647281894 call 7ff6472aa30c 2641->2644 2643->2640 2673 7ff647281408-7ff64728141d 2658->2673 2674 7ff647281455-7ff64728145f 2658->2674 2660 7ff647281396-7ff6472813a9 2659->2660 2661 7ff6472813b2-7ff6472813c5 call 7ff64729f350 2659->2661 2660->2644 2663 7ff6472813af 2660->2663 2661->2658 2663->2661 2675 7ff64728143b-7ff64728144e call 7ff64729f350 2673->2675 2676 7ff64728141f-7ff647281432 2673->2676 2677 7ff647281461-7ff647281476 2674->2677 2678 7ff6472814ae-7ff6472814c4 call 7ff647271fe0 2674->2678 2675->2674 2676->2644 2679 7ff647281438 2676->2679 2681 7ff647281478-7ff64728148b 2677->2681 2682 7ff647281494-7ff6472814a7 call 7ff64729f350 2677->2682 2688 7ff6472814c6-7ff6472814db 2678->2688 2689 7ff647281513-7ff647281535 call 7ff647271fe0 call 7ff64729ed48 2678->2689 2679->2675 2681->2644 2685 7ff647281491 2681->2685 2682->2678 2685->2682 2691 7ff6472814dd-7ff6472814f0 2688->2691 2692 7ff6472814f9-7ff64728150c call 7ff64729f350 2688->2692 2700 7ff647281537-7ff64728154c 2689->2700 2701 7ff647281584-7ff647281644 call 7ff647271fe0 call 7ff647294940 call 7ff647271fe0 * 3 call 7ff647294fb0 call 7ff64729f350 call 7ff6472945f0 call 7ff6472729b0 call 7ff64729f350 2689->2701 2691->2644 2694 7ff6472814f6 2691->2694 2692->2689 2694->2692 2703 7ff64728156a-7ff64728157d call 7ff64729f350 2700->2703 2704 7ff64728154e-7ff647281561 2700->2704 2727 7ff647281646-7ff647281649 2701->2727 2728 7ff64728164f-7ff647281664 2701->2728 2703->2701 2704->2644 2706 7ff647281567 2704->2706 2706->2703 2727->2728 2729 7ff647281666-7ff647281669 2728->2729 2730 7ff64728166f-7ff647281684 2728->2730 2729->2730 2731 7ff647281686-7ff647281689 2730->2731 2732 7ff64728168f-7ff6472816a4 2730->2732 2731->2732 2733 7ff6472816a6-7ff6472816a9 2732->2733 2734 7ff6472816af-7ff6472816c4 2732->2734 2733->2734 2735 7ff6472816c6-7ff6472816c9 2734->2735 2736 7ff6472816cf-7ff6472816e4 2734->2736 2735->2736 2737 7ff6472816e6-7ff6472816e9 2736->2737 2738 7ff6472816ef-7ff647281704 2736->2738 2737->2738 2739 7ff647281706-7ff647281709 2738->2739 2740 7ff64728170f-7ff647281724 2738->2740 2739->2740 2741 7ff647281726-7ff647281729 2740->2741 2742 7ff64728172f-7ff647281744 2740->2742 2741->2742 2743 7ff647281746-7ff647281749 2742->2743 2744 7ff64728174f-7ff647281770 call 7ff647271fe0 2742->2744 2743->2744 2747 7ff64728177b-7ff647281790 2744->2747 2748 7ff647281772-7ff647281775 2744->2748 2749 7ff64728179b-7ff6472817b0 2747->2749 2750 7ff647281792-7ff647281795 2747->2750 2748->2747 2751 7ff6472817bb-7ff6472817d0 2749->2751 2752 7ff6472817b2-7ff6472817b5 2749->2752 2750->2749 2753 7ff6472817db-7ff6472817f0 2751->2753 2754 7ff6472817d2-7ff6472817d5 2751->2754 2752->2751 2755 7ff6472817fb-7ff647281810 2753->2755 2756 7ff6472817f2-7ff6472817f5 2753->2756 2754->2753 2757 7ff64728181b-7ff64728182e 2755->2757 2758 7ff647281812-7ff647281815 2755->2758 2756->2755 2759 7ff647281839-7ff647281840 call 7ff647297980 2757->2759 2760 7ff647281830-7ff647281833 2757->2760 2758->2757 2762 7ff647281845-7ff647281889 call 7ff64729db60 call 7ff6472729b0 2759->2762 2760->2759 2762->2644
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CriticalDeleteSection$CloseHandle$CreateEvent_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                            • String ID: Lasso888_2${49da4c63-c475-4b6c-83f3-c78a9fe813c2}
                                                                                                                                                                                                                            • API String ID: 269693988-458680584
                                                                                                                                                                                                                            • Opcode ID: 1e66d87fb76d4463a28f970aa5a7efb361470af1808dce73dbb90412ee458ae9
                                                                                                                                                                                                                            • Instruction ID: 38514a5b75f87a1dad830355d869a20f3caa081a7da24f823587d9af6ec5694e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e66d87fb76d4463a28f970aa5a7efb361470af1808dce73dbb90412ee458ae9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6822B572718A81E2EA0DFF38CA451AE6369FB40B90F44413AD72D976D5DF29E678C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727B6F0 Relevance: 28.1, APIs: 12, Strings: 4, Instructions: 92registrylibrarywindowCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$Load$OpenString$HandleLibraryMessageModuleQueryValue
                                                                                                                                                                                                                            • String ID: DeleteFlag$MM-dd-yyyy$Process Lasso$SYSTEM\CurrentControlSet\Services\ProcessGovernor
                                                                                                                                                                                                                            • API String ID: 1433741596-4018146772
                                                                                                                                                                                                                            • Opcode ID: 52cbbc4d491215ab4e0c1f0604237de17e5402324359b692379e1341cf02222c
                                                                                                                                                                                                                            • Instruction ID: f4b50363a18440a14c7edb8adf2e7e8ebd26a480c7857768885a3b0e9b5d465d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 52cbbc4d491215ab4e0c1f0604237de17e5402324359b692379e1341cf02222c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 21415E65A1CA82C6EB20BB21EA4577B63A4FF99785F500135EA8D83A68DF7CD105CB04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290C60 Relevance: 26.5, APIs: 9, Strings: 6, Instructions: 243COMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2858 7ff647290c60-7ff647290ca4 call 7ff6472719d0 2861 7ff647290e37-7ff647290e6a call 7ff647271810 2858->2861 2862 7ff647290caa-7ff647290ce8 GetModuleHandleW GetModuleFileNameW 2858->2862 2869 7ff647290e77-7ff647290e83 call 7ff647290c60 2861->2869 2870 7ff647290e6c-7ff647290e75 GetFileAttributesW 2861->2870 2867 7ff647290cee-7ff647290cf3 2862->2867 2868 7ff647290d7b-7ff647290d96 SHGetSpecialFolderPathW 2862->2868 2871 7ff647290cf6-7ff647290cfd 2867->2871 2872 7ff647290e08-7ff647290e10 call 7ff647271f60 2868->2872 2873 7ff647290d98-7ff647290d9d 2868->2873 2881 7ff647290e88-7ff647290eac call 7ff647273910 2869->2881 2870->2869 2874 7ff647290eb7-7ff647290ec2 2870->2874 2871->2871 2876 7ff647290cff-7ff647290d06 2871->2876 2893 7ff647290e11-7ff647290e36 call 7ff64729f650 2872->2893 2878 7ff647290da0-7ff647290da8 2873->2878 2879 7ff647290ecf-7ff647290edb call 7ff647290c60 2874->2879 2880 7ff647290ec4-7ff647290ecd GetFileAttributesW 2874->2880 2882 7ff647290d23-7ff647290d2b 2876->2882 2883 7ff647290d08-7ff647290d0e 2876->2883 2878->2878 2885 7ff647290daa-7ff647290dbe call 7ff6472723e0 2878->2885 2897 7ff647290ee0-7ff647290f04 call 7ff647273910 2879->2897 2880->2879 2887 7ff647290f0f-7ff647290f1a 2880->2887 2881->2874 2908 7ff647290eae-7ff647290eb1 2881->2908 2888 7ff647290d30-7ff647290d38 2882->2888 2891 7ff647290d10-7ff647290d18 2883->2891 2892 7ff647290d1c-7ff647290d1e 2883->2892 2903 7ff647290dc1-7ff647290dc9 2885->2903 2898 7ff647290f27-7ff647290f33 call 7ff647290c60 2887->2898 2899 7ff647290f1c-7ff647290f25 GetFileAttributesW 2887->2899 2888->2888 2896 7ff647290d3a-7ff647290d4a call 7ff6472723e0 2888->2896 2891->2883 2901 7ff647290d1a 2891->2901 2892->2882 2918 7ff647290d51 2896->2918 2919 7ff647290d4c-7ff647290d4f 2896->2919 2897->2887 2920 7ff647290f06-7ff647290f09 2897->2920 2914 7ff647290f38-7ff647290f5c call 7ff647273910 2898->2914 2899->2898 2906 7ff647290f67-7ff647290f72 2899->2906 2901->2882 2903->2903 2909 7ff647290dcb-7ff647290dd6 call 7ff6472725c0 2903->2909 2910 7ff647290f7f-7ff647290f8b call 7ff647290c60 2906->2910 2911 7ff647290f74-7ff647290f7d GetFileAttributesW 2906->2911 2908->2874 2928 7ff647290dd8 2909->2928 2929 7ff647290dec-7ff647290e06 call 7ff6472725c0 GetFileAttributesW 2909->2929 2923 7ff647290f90-7ff647290fb2 call 7ff647273910 2910->2923 2911->2910 2916 7ff647290fbd-7ff647290fc4 2911->2916 2914->2906 2927 7ff647290f5e-7ff647290f61 2914->2927 2925 7ff647290d54-7ff647290d5c 2918->2925 2924 7ff647290d5e-7ff647290d75 call 7ff6472725c0 GetFileAttributesW 2919->2924 2920->2887 2923->2916 2937 7ff647290fb4-7ff647290fb7 2923->2937 2924->2868 2924->2893 2925->2924 2925->2925 2927->2906 2932 7ff647290de0-7ff647290de7 2928->2932 2929->2872 2929->2893 2932->2932 2936 7ff647290de9 2932->2936 2936->2929 2937->2916
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Attributes$Module$FolderHandleHeapNamePathProcessSpecial
                                                                                                                                                                                                                            • String ID: \$\Windows Feed Discovered.wav$\Windows Pop-up Blocked.wav$\lower.wav$\media$\raise.wav
                                                                                                                                                                                                                            • API String ID: 3181057009-3458111692
                                                                                                                                                                                                                            • Opcode ID: 06a27e6a77a89c3bcd73cae52582e8e6efcd84f37da709cd1cf37b4baff8b23f
                                                                                                                                                                                                                            • Instruction ID: ee4f67b60aba70ad41f81b62dbdc6b7540f0e6dfbf010bc445af18353d507b34
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 06a27e6a77a89c3bcd73cae52582e8e6efcd84f37da709cd1cf37b4baff8b23f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 24A1D3A1B1DA4AC1EA60BB24D6402BB23A0FF50BA4F545A31EA6DC36E5DF2CE545C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727CB10 Relevance: 26.5, APIs: 9, Strings: 6, Instructions: 241fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 2939 7ff64727cb10-7ff64727cb65 SHGetSpecialFolderPathW 2940 7ff64727cb9a-7ff64727cbb8 GetModuleHandleW GetModuleFileNameW 2939->2940 2941 7ff64727cb67-7ff64727cb98 CreateDirectoryW call 7ff6472aafa4 CreateDirectoryW 2939->2941 2943 7ff64727cbba-7ff64727cbbf 2940->2943 2944 7ff64727cbf2-7ff64727cbfd call 7ff6472719d0 2940->2944 2941->2944 2947 7ff64727cbc2-7ff64727cbca 2943->2947 2951 7ff64727cea5-7ff64727ceaf call 7ff647271810 2944->2951 2952 7ff64727cc03-7ff64727cc22 2944->2952 2947->2947 2948 7ff64727cbcc-7ff64727cbd3 2947->2948 2948->2944 2950 7ff64727cbd5-7ff64727cbdb 2948->2950 2954 7ff64727cbdd-7ff64727cbe5 2950->2954 2955 7ff64727cbe9-7ff64727cbed 2950->2955 2959 7ff64727cc24-7ff64727cc31 call 7ff6472721f0 2952->2959 2960 7ff64727cc33-7ff64727cc36 2952->2960 2954->2950 2957 7ff64727cbe7 2954->2957 2955->2944 2957->2944 2966 7ff64727cc5b-7ff64727cc7f call 7ff647273a60 2959->2966 2962 7ff64727cc40-7ff64727cc49 2960->2962 2962->2962 2963 7ff64727cc4b-7ff64727cc5a call 7ff6472723e0 2962->2963 2963->2966 2970 7ff64727cc80-7ff64727cc89 2966->2970 2970->2970 2971 7ff64727cc8b-7ff64727ccaa call 7ff6472725c0 DeleteFileW 2970->2971 2974 7ff64727ccac-7ff64727ccb0 2971->2974 2975 7ff64727ccff-7ff64727cd09 2971->2975 2977 7ff64727ccb2-7ff64727ccb8 2974->2977 2978 7ff64727ccee-7ff64727ccfa call 7ff6472723e0 2974->2978 2976 7ff64727cd10-7ff64727cd19 2975->2976 2976->2976 2980 7ff64727cd1b-7ff64727cd3a call 7ff6472725c0 DeleteFileW 2976->2980 2977->2978 2981 7ff64727ccba-7ff64727cccf call 7ff647273a60 2977->2981 2978->2975 2986 7ff64727cd3c-7ff64727cd40 2980->2986 2987 7ff64727cd8f-7ff64727cd99 2980->2987 2988 7ff64727ccd1-7ff64727ccd7 2981->2988 2989 7ff64727ccde-7ff64727ccec 2981->2989 2991 7ff64727cd42-7ff64727cd48 2986->2991 2992 7ff64727cd7e-7ff64727cd8a call 7ff6472723e0 2986->2992 2990 7ff64727cda0-7ff64727cda9 2987->2990 2988->2989 2989->2975 2990->2990 2994 7ff64727cdab-7ff64727cdca call 7ff6472725c0 DeleteFileW 2990->2994 2991->2992 2995 7ff64727cd4a-7ff64727cd5f call 7ff647273a60 2991->2995 2992->2987 3000 7ff64727cdcc-7ff64727cdd0 2994->3000 3001 7ff64727ce1a-7ff64727ce21 2994->3001 3002 7ff64727cd61-7ff64727cd67 2995->3002 3003 7ff64727cd6e-7ff64727cd7c 2995->3003 3005 7ff64727ce09-7ff64727ce15 call 7ff6472723e0 3000->3005 3006 7ff64727cdd2-7ff64727cdd8 3000->3006 3004 7ff64727ce24-7ff64727ce2d 3001->3004 3002->3003 3003->2987 3004->3004 3008 7ff64727ce2f-7ff64727ce56 call 7ff6472725c0 DeleteFileW 3004->3008 3005->3001 3006->3005 3009 7ff64727cdda-7ff64727cdef call 7ff647273a60 3006->3009 3014 7ff64727ce58-7ff64727ce61 3008->3014 3015 7ff64727ce62-7ff64727ce6b 3008->3015 3016 7ff64727cdf1-7ff64727cdf7 3009->3016 3017 7ff64727cdfe-7ff64727ce07 3009->3017 3014->3015 3018 7ff64727ce6d-7ff64727ce73 3015->3018 3019 7ff64727ce79-7ff64727cea4 call 7ff64729f650 3015->3019 3016->3017 3017->3001 3018->3019
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$Delete$CreateDirectoryModule$FolderHandleNamePathSpecial_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: \$\ProcessLasso$\pl4sfx.exe$\pl4sfx_server.exe$\pl_debug.log$\pl_rsrc_temp.dll
                                                                                                                                                                                                                            • API String ID: 2249168596-2889885024
                                                                                                                                                                                                                            • Opcode ID: aa7ebf46b71166f6d464babc612250db3eb8a65bc90fd7e4b2d81dae1c9398df
                                                                                                                                                                                                                            • Instruction ID: 08bc708a03328a65043058e498876d1317e1a12a9fbaee9ca8156b11de9e0279
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aa7ebf46b71166f6d464babc612250db3eb8a65bc90fd7e4b2d81dae1c9398df
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 49B1BF72A0CA42C6EB24FB25D7402AE23A4FB49B94F445235DA5E937D9DF3CD588C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472749A0 Relevance: 23.1, APIs: 10, Strings: 3, Instructions: 305libraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Module$FileHandleLibraryLoadName$DefaultLanguageUser
                                                                                                                                                                                                                            • String ID: Process Lasso$There was an error loading the resource DLL pl_rsrc_english.dll!$\
                                                                                                                                                                                                                            • API String ID: 620991952-3674810238
                                                                                                                                                                                                                            • Opcode ID: 95f8b16321b86d2cfe4b87d079dbbd0256f9aaeb029fdcc5978219d5f3ad8b70
                                                                                                                                                                                                                            • Instruction ID: d1a544909333e952537b08aa70caeecbeaf75c908579ae810f45fe26462536e0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 95f8b16321b86d2cfe4b87d079dbbd0256f9aaeb029fdcc5978219d5f3ad8b70
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4D19E61E0CA46C6EB64BB55DB5027A23A0FF54B94F404239CA4ED77A4EF3CE885C784
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727F650 Relevance: 21.2, APIs: 6, Strings: 6, Instructions: 217registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Module$CloseEnvironmentFileHandleNameOpenQueryValueVariable
                                                                                                                                                                                                                            • String ID: %s\$;\;$PATH$Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment$\
                                                                                                                                                                                                                            • API String ID: 290741229-1266157770
                                                                                                                                                                                                                            • Opcode ID: deb29af1409e9862f59145e5210fc42a99b7507bd65e69794a33b9699536d070
                                                                                                                                                                                                                            • Instruction ID: dd59a2f986b8e92be19368c778e4fd5ba0bedaa35e92c5ff85c23435909eb9e6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: deb29af1409e9862f59145e5210fc42a99b7507bd65e69794a33b9699536d070
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C1A1A422A1CA82D5EB10FF25DA401AF63A0FF84B84F405136EA5E977A9DF7CE545C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729DC10 Relevance: 17.9, APIs: 8, Strings: 2, Instructions: 434COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Processor$ActiveCount$InformationLogical$ErrorGroupLast
                                                                                                                                                                                                                            • String ID: 12th$intel
                                                                                                                                                                                                                            • API String ID: 1211918145-682579197
                                                                                                                                                                                                                            • Opcode ID: 2408a4d2399ae4fe0116c94e887ae8565ed4d9746d29b31a3cd0e8bdd7bb181b
                                                                                                                                                                                                                            • Instruction ID: 4caae0843b6dd29f89f4de5fc9f310ce0a017a3646b7d104d0fbf6ebfe78bf0f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2408a4d2399ae4fe0116c94e887ae8565ed4d9746d29b31a3cd0e8bdd7bb181b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A012BBB3B08782CAE790BF25D6446AE37A5FB24B88F094539DA5D93785DF38E450C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727F290 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 239registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Module$CloseFileHandleNameOpenQueryValue
                                                                                                                                                                                                                            • String ID: %s;%s\;$Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment$\
                                                                                                                                                                                                                            • API String ID: 744634649-978422326
                                                                                                                                                                                                                            • Opcode ID: 263d95b31feba8ec1f2c7201bbcbd776fcfd8d552f8586e36722fe2af5c9dd73
                                                                                                                                                                                                                            • Instruction ID: 70a642787cf4baf260b7d06ffca16c7fce86fca83b8abb9f2147b6e44afb974b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 263d95b31feba8ec1f2c7201bbcbd776fcfd8d552f8586e36722fe2af5c9dd73
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BCB17D22A1DA86C6EB10FF25D6402AE63A0FF84B94F404136EB5E977A9DF3CE545C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647275C40 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 145COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3BC
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3C2
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _set_fmode.LIBCMT ref: 00007FF64729F3DF
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729F38C: _RTC_Initialize.LIBCMT ref: 00007FF64729F400
                                                                                                                                                                                                                            • CreateEventW.KERNEL32 ref: 00007FF647275E02
                                                                                                                                                                                                                            • CreateEventW.KERNEL32 ref: 00007FF647275E19
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_taskCreateEvent$HeapInitializeProcess_set_fmode
                                                                                                                                                                                                                            • String ID: %s\%s$%s\%s.%u$.csv$MaxLogFileSize$ProcessLasso$ProcessLasso\logs$prolasso.log
                                                                                                                                                                                                                            • API String ID: 3915736307-2144866617
                                                                                                                                                                                                                            • Opcode ID: 07ea362ce2ced7bf36b9beb5dc316a382588a5c59e1e950a882c2c474473bf42
                                                                                                                                                                                                                            • Instruction ID: 29219e63eb2e22fb8e753055d3b49219d6fbd8d24ef63626e59b6f1440a32661
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 07ea362ce2ced7bf36b9beb5dc316a382588a5c59e1e950a882c2c474473bf42
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0451AB72A14B42C6E700FF64DA402EE3374FB94B98F144226EB5D93A95DF38E096C380
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647299540 Relevance: 14.2, APIs: 6, Strings: 2, Instructions: 162registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$EnumFromHeapInfoOpenProcessQueryStringUuid_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: Bitsum Highest Performance$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes
                                                                                                                                                                                                                            • API String ID: 3830437141-3067282819
                                                                                                                                                                                                                            • Opcode ID: fed749e5d7456807d00bd7b716964e10ffdc5dfd9748ceb2591f34584c9a605d
                                                                                                                                                                                                                            • Instruction ID: 1364aae22cdf3bfee9a4ff34b82fd030e8b77c4725579b368c26d7493665b2f6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fed749e5d7456807d00bd7b716964e10ffdc5dfd9748ceb2591f34584c9a605d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 197199B6B08B91C6EB10AF25E9401AE73A4FB98798F544136EF8C53B28DF38D545CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290E50 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 99COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                            • String ID: \Windows Feed Discovered.wav$\Windows Pop-up Blocked.wav$\lower.wav$\raise.wav
                                                                                                                                                                                                                            • API String ID: 3188754299-1290990748
                                                                                                                                                                                                                            • Opcode ID: 7296a36a5dda704f52ef1e68de52fd0587a653cfe85e9fd796b0377267e7a4a2
                                                                                                                                                                                                                            • Instruction ID: e9872002783ee13d2733a12683543e8b83cf62677b6b14326e9b92c1feb19d18
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7296a36a5dda704f52ef1e68de52fd0587a653cfe85e9fd796b0377267e7a4a2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 60418EA1A0DA4AC1EA60BB38D68416B2360FF51BB4F545B32E63D936E5DF2CD984C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472992A0 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 71registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseOpenValue$Query$Delete
                                                                                                                                                                                                                            • String ID: BHPUninstalled$Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 185538076-1903073231
                                                                                                                                                                                                                            • Opcode ID: 0695532ef64268f96b83a5067c22987984cf298fa57c0f7cc7a8157071cedd6e
                                                                                                                                                                                                                            • Instruction ID: a990708606a6fab0efbc271397b772b11c83df5ad31e1988551d9c8dfdef553a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0695532ef64268f96b83a5067c22987984cf298fa57c0f7cc7a8157071cedd6e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D318D61B1CA52C1FB50BB24E65577B63A0FFA47A0F541131EA8E826A8DE3CD145CB04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647297A60 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 253COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FromString
                                                                                                                                                                                                                            • String ID: FriendlyName$SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\%s
                                                                                                                                                                                                                            • API String ID: 1694596556-2577785381
                                                                                                                                                                                                                            • Opcode ID: f7c29af1932bf57e9f1eb277244c377755f38e01bdffa5cedb5eea48c928895e
                                                                                                                                                                                                                            • Instruction ID: 5fcd654f24b5ae1354ddc0112a1d466282885cdea11c3430e8147a3adf423271
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f7c29af1932bf57e9f1eb277244c377755f38e01bdffa5cedb5eea48c928895e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C4B1AFA2F0CA42C2EB10BB25D6402BE63A5FFA0B94F495135EB4D937A9DF7CD5808700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727D550 Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 158registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                            • SHDeleteKeyW.SHLWAPI ref: 00007FF64727D6FE
                                                                                                                                                                                                                            • RegDeleteKeyW.ADVAPI32 ref: 00007FF64727D70E
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472721F0: FindResourceExW.KERNEL32(?,00000000,?,00000000,00007FF6472728E0,?,ProcessLasso,?,?,00007FF6472726FD), ref: 00007FF64727224D
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Delete$FindHeapProcessResource
                                                                                                                                                                                                                            • String ID: ala$bitsum$lasso$park$pec
                                                                                                                                                                                                                            • API String ID: 2862931263-204472767
                                                                                                                                                                                                                            • Opcode ID: 5ffa1538e71092ef1b84f2a0f609a89cd3396fe118338dae01b7cf0da84e316e
                                                                                                                                                                                                                            • Instruction ID: 30cc2a508d6b70a5e353c0589083160e7bc10a12ec015a1d39a8dee35430521c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ffa1538e71092ef1b84f2a0f609a89cd3396fe118338dae01b7cf0da84e316e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4D51B022B0DB03C1FE20BB25AB4427A6391AF45BA8F455636DE6DD62D9DF3CF5408600
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472818A0 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 122registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$CreateQueryValue
                                                                                                                                                                                                                            • String ID: Bitsum Highest Performance$Software\ProcessLasso$ThemeLocked
                                                                                                                                                                                                                            • API String ID: 2495337196-2025526020
                                                                                                                                                                                                                            • Opcode ID: a1cc390790214fbbbe872949813bc320887eaad2c5fc94320bd19bc8e2339b13
                                                                                                                                                                                                                            • Instruction ID: 5ba51422fe2772271eaad24d73bec345bdc21d9d6ddd5361b4fb12add5c4f1da
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a1cc390790214fbbbe872949813bc320887eaad2c5fc94320bd19bc8e2339b13
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F381187190C282C9F311BB14FA443A73BA2BF56308F144139D5AC866E6DFBDA188CB4D
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727C8D0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 70processCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: HandleModule$CloseCreateFileInfoNameProcessStartup
                                                                                                                                                                                                                            • String ID: /postupdate$\
                                                                                                                                                                                                                            • API String ID: 2007878149-3400927517
                                                                                                                                                                                                                            • Opcode ID: 4316f6976dad91ad4eb824b30773b3f2da196e835bf6bdde72ac6cfe3f59e356
                                                                                                                                                                                                                            • Instruction ID: 17ccf9da9bcc0831b5b69de17f15b54d3c3336a4261484e554c6f8cf36a538a9
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4316f6976dad91ad4eb824b30773b3f2da196e835bf6bdde72ac6cfe3f59e356
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B931772160DA82C5EB60FB25F65437B63A4FF84794F404635DA9ED26A5EF7CD1848B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727CA00 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 50registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$CreateQueryValue
                                                                                                                                                                                                                            • String ID: DateTimeFormat$MM-dd-yyyy$Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 2495337196-3896722804
                                                                                                                                                                                                                            • Opcode ID: 222d2735083259c26cb172e6e7df70378e2f488bdf3fd797373c0a22fe257790
                                                                                                                                                                                                                            • Instruction ID: 16f57369adad11586cb8ca0d95d290b34360175351c6d74bd8f2ae5a1c8e2897
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 222d2735083259c26cb172e6e7df70378e2f488bdf3fd797373c0a22fe257790
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88116FB2A1CB81C6EB10AF60F45526BB3A4FB98795F500125EA9D86B68DF7CD144CF04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647272ED0 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 179COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseOpen$AttributesCreateDirectoryFileFolderPathQuerySpecialValue
                                                                                                                                                                                                                            • String ID: ProcessLasso$\$logs
                                                                                                                                                                                                                            • API String ID: 162408085-3506783238
                                                                                                                                                                                                                            • Opcode ID: 534266bf77afde1b29aa28718cd34663aea883d5eb489cd736edae3f18bb2e5f
                                                                                                                                                                                                                            • Instruction ID: 091c526a060faf580d94986e5824570d984eafc35a277ae84935f85319eb05f3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 534266bf77afde1b29aa28718cd34663aea883d5eb489cd736edae3f18bb2e5f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D6714636B09A55C6EA10BF19D74426F73A0FB48FA0F019235CB6993792EF39E5618780
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472897C9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 102sleepCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesCriticalFileLeaveSection$Sleep
                                                                                                                                                                                                                            • String ID: P$P
                                                                                                                                                                                                                            • API String ID: 687206237-159270896
                                                                                                                                                                                                                            • Opcode ID: 61bc2a7721ead52ebe8e3ac8eb095b4f4e46417bd624277dfd15e3b4d44a1553
                                                                                                                                                                                                                            • Instruction ID: e4f3dd346a849bfd2b5b0dad6a84ac732f514ef89a1b57973049ece04cadc019
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 61bc2a7721ead52ebe8e3ac8eb095b4f4e46417bd624277dfd15e3b4d44a1553
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D411926A1D502D5FB00FB60EB911FB2761BF91384F804532D64ED25E6DF2DE94AC340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727D460 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 53registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$CreateValue
                                                                                                                                                                                                                            • String ID: Path$SYSTEM\CurrentControlSet\Control\Session Manager\Environment
                                                                                                                                                                                                                            • API String ID: 1009429713-2840421589
                                                                                                                                                                                                                            • Opcode ID: 053eaaa9f54574f0067adb765bbc96f3d12d86b8c5e61ed85e7a1e9e730e2315
                                                                                                                                                                                                                            • Instruction ID: 23ca407eeb56d3a979248025dc03e2a3718879507805557dfa498d3c03c54650
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 053eaaa9f54574f0067adb765bbc96f3d12d86b8c5e61ed85e7a1e9e730e2315
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B216072A0CA82C6EB10BB24E55536B73A0FB99765F500235DAAD87794DF7CD144CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290A20 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 53registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                            • String ID: ConfigFolderEx$Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 1607946009-3700276278
                                                                                                                                                                                                                            • Opcode ID: 0d8fd3e9d0e8903d0cc60f80bf100488aeff27de4b1b98051fad2762fb7fd102
                                                                                                                                                                                                                            • Instruction ID: 6947003fd4b23eefa306a397740d948b4afa3064636e92868b5eabe8e42c22a6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0d8fd3e9d0e8903d0cc60f80bf100488aeff27de4b1b98051fad2762fb7fd102
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84217161A1CB46C5EB60BB10E5513AB63A0FB95790F105235EA9E83794DF3CD004CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647282430 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 44registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                            • String ID: Software\ProcessLasso$UseFileSystemLocks
                                                                                                                                                                                                                            • API String ID: 1607946009-1555210630
                                                                                                                                                                                                                            • Opcode ID: eb88f80fae66cb516ec06670daf3e3f537961ddce7b367c4e847246f5a75682e
                                                                                                                                                                                                                            • Instruction ID: 0caaf64a2f9af57c3ac3d144a24da7e81068f4f4cc87f851ecb3f694ef024df2
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb88f80fae66cb516ec06670daf3e3f537961ddce7b367c4e847246f5a75682e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6C116A76A1CA82C6EB50BF10E55566B73A0FB99795F901125EB8E42B68DF3DD104CF00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647293040 Relevance: 9.1, APIs: 6, Instructions: 126fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$CloseCreateHandleSize
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1378416451-0
                                                                                                                                                                                                                            • Opcode ID: 4ed091108800b3a1e539b7e2aa540285de3c488fa98238fa2e347c42713f26f8
                                                                                                                                                                                                                            • Instruction ID: 2cfd9672a90e86cbd71f741fc4d6a0f8132552bd872f4daeaed9a2918549592f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4ed091108800b3a1e539b7e2aa540285de3c488fa98238fa2e347c42713f26f8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82518D61A0C742C6EA20BB11E6451BB2360FF95B90F404131EE4D937AACF7CE54AC745
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290110 Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 260COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729ED60: GetCurrentThreadId.KERNEL32 ref: 00007FF64729EDB1
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729ED60: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00007FF64729014E), ref: 00007FF64729EDD0
                                                                                                                                                                                                                            • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF647290493
                                                                                                                                                                                                                            • std::_Throw_Cpp_error.LIBCPMT ref: 00007FF6472904A8
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF647293040: CreateFileW.KERNELBASE ref: 00007FF6472930B1
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472A8DAC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472A8DC9
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Cpp_errorThrow_std::_$AcquireCreateCurrentExclusiveFileHeapLockProcessThread_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: %s\%s$%s\%s\%s$prolasso.ini
                                                                                                                                                                                                                            • API String ID: 4090743962-3231434878
                                                                                                                                                                                                                            • Opcode ID: 0e68e7df2c16493f35369ab94c7497d7fd2f7c90fda003a95a4405740f4a1f3b
                                                                                                                                                                                                                            • Instruction ID: b8be4f1897366b5a94a1c15cee1ee23e66056ebbf43765336201928157e87f7c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0e68e7df2c16493f35369ab94c7497d7fd2f7c90fda003a95a4405740f4a1f3b
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8B1AEB2B1CA46C2EA60BB25D6001BE23A1FF94B90F484636DA6D833D5DF3CE841C744
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647299860 Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 234COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(?,00007FF647277D3A), ref: 00007FF6472998DB
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,00007FF647277D3A), ref: 00007FF6472998EE
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,00007FF647277D3A), ref: 00007FF647299A10
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileModule$AttributesHandleHeapNameProcess
                                                                                                                                                                                                                            • String ID: Session agent for Process Lasso$bitsumsessionagent.exe
                                                                                                                                                                                                                            • API String ID: 782857251-204507972
                                                                                                                                                                                                                            • Opcode ID: 98218a64611963633780596b3ea24519bd0d54ff34295e75fc0e463fb31d34d9
                                                                                                                                                                                                                            • Instruction ID: cde44a5a1e4edaa6a82aba14400a6f5e0472c5c64b7fa4d4e5d2fd11ecb056e1
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98218a64611963633780596b3ea24519bd0d54ff34295e75fc0e463fb31d34d9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9D91AC62B0CA52C5FB10FB25D6502BE63A0FBA5B94F084235DA8D937A9DF7CE585C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729E270 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 69registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                            • String ID: HARDWARE\DESCRIPTION\System\CentralProcessor\0$ProcessorNameString
                                                                                                                                                                                                                            • API String ID: 3677997916-2804670039
                                                                                                                                                                                                                            • Opcode ID: 3bcc21ed9786390442ec5da8d38c3c8838a6f688a29ecebaea8b000b0d7a2c90
                                                                                                                                                                                                                            • Instruction ID: f303b449dac9d049eda03866fa31a8e8f242261ffee968d6af6aa4482e0a2e60
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3bcc21ed9786390442ec5da8d38c3c8838a6f688a29ecebaea8b000b0d7a2c90
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70318972A1CB82C6EB50BB15E6443ABB360FB84B94F545235EA9D837A9DF3CD104CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647276B70 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 53registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Open$Service$HandleLoad$CloseManagerString$CreateInitializeLibraryMessageModule
                                                                                                                                                                                                                            • String ID: Software\ProcessLasso
                                                                                                                                                                                                                            • API String ID: 299522058-2192838026
                                                                                                                                                                                                                            • Opcode ID: 04bd1684d38d35bf9df165f8c1f9e5b42d40f23765eb5860421647af55dc1b7d
                                                                                                                                                                                                                            • Instruction ID: 57e4e328eee14152e3af527bc779122b7adffd72e74dae94cd4c61fba6a74b2d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 04bd1684d38d35bf9df165f8c1f9e5b42d40f23765eb5860421647af55dc1b7d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1521D3A2A1C682CAF720BB34EA857AB37A5FF44354F444135EA4D82A98DF3CD548CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472796A0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseCreateDeleteValue
                                                                                                                                                                                                                            • String ID: AddedToSystemPath$UpdateIsNowAvailable
                                                                                                                                                                                                                            • API String ID: 1363933034-2291694170
                                                                                                                                                                                                                            • Opcode ID: b418c20d5617ef6a96efa94da2e81d67e770d2be669d39a65b203026c9dc261f
                                                                                                                                                                                                                            • Instruction ID: 1aa58d9457e94d466fc11ecb588ce778eca7eb762d523dd9fd8e7b4c8d4b9078
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b418c20d5617ef6a96efa94da2e81d67e770d2be669d39a65b203026c9dc261f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E61130B2A1CB86C6EB50FB61E991577B3A0FB94785F505032D98DC6624DF7CE045CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472993E0 Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$FromOpenQueryStringValue
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2728539954-0
                                                                                                                                                                                                                            • Opcode ID: 47fa121d7f21e7ffa055cc4cb74489025361395165abe32cb8de42b014b2a554
                                                                                                                                                                                                                            • Instruction ID: 440ff6ddf817765fccb0312d00277788029727a11fcc05d1364774ce76d1d7a3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47fa121d7f21e7ffa055cc4cb74489025361395165abe32cb8de42b014b2a554
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 00315261A1CA85C5FB60BB21F54837763A0FF95794F541135DA8D82AA8DF7CE084CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290730 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 199COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegOpenKeyExW.KERNELBASE ref: 00007FF647290A65
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegQueryValueExW.KERNELBASE ref: 00007FF647290AA7
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegCloseKey.KERNELBASE ref: 00007FF647290AB6
                                                                                                                                                                                                                              • Part of subcall function 00007FF647290A20: RegCloseKey.ADVAPI32 ref: 00007FF647290ADF
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727B6F0: RegOpenKeyExW.KERNELBASE ref: 00007FF64727B733
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727B6F0: RegOpenKeyExW.ADVAPI32 ref: 00007FF64727B76E
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727B6F0: RegQueryValueExW.ADVAPI32 ref: 00007FF64727B7B0
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727B6F0: RegCloseKey.ADVAPI32 ref: 00007FF64727B7BF
                                                                                                                                                                                                                              • Part of subcall function 00007FF64727B6F0: RegCloseKey.ADVAPI32 ref: 00007FF64727B7CA
                                                                                                                                                                                                                            • SHGetSpecialFolderPathW.SHELL32 ref: 00007FF6472907F6
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32 ref: 00007FF64729080E
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32 ref: 00007FF647290854
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$Open$CreateDirectoryQueryValue$FolderHeapPathProcessSpecial
                                                                                                                                                                                                                            • String ID: \config
                                                                                                                                                                                                                            • API String ID: 3120066115-475124322
                                                                                                                                                                                                                            • Opcode ID: cfb5b4a075f0427b007d370c70110744688ec37623aec5e4d5ba9ed1f8b868cb
                                                                                                                                                                                                                            • Instruction ID: a04809d492c13b494329abaf79fee532288ba37eb05c06e0a7f79ac7f622ef0b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cfb5b4a075f0427b007d370c70110744688ec37623aec5e4d5ba9ed1f8b868cb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ED81DD62B1CA4AC5FB20BB29D6402AE63A0FB94B80F488535DB9D83795DF3CE545C780
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647299030 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 150registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                            • String ID: BHPUninstalled
                                                                                                                                                                                                                            • API String ID: 3677997916-3539339586
                                                                                                                                                                                                                            • Opcode ID: 4aa06fdabb33864b7c2400961882f312203db4dc4f4d5f91ccdcd2754721ea53
                                                                                                                                                                                                                            • Instruction ID: 7f7908d7b2af4372ec9b2434bad3deadab67fd52670a5711b4cb13b25945e3df
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4aa06fdabb33864b7c2400961882f312203db4dc4f4d5f91ccdcd2754721ea53
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 117170B2B09A82D9EB40FF71C5502EE2370FB95B98B045126EE5D57B89DF38D646C380
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472794F0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 59registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseCreateQueryValue
                                                                                                                                                                                                                            • String ID: ProcessLasso
                                                                                                                                                                                                                            • API String ID: 4083198587-4260244240
                                                                                                                                                                                                                            • Opcode ID: ae7ec9ade09f4cbbef93ea978848d6fe9248db596d0f6f803286dcd6b265bb74
                                                                                                                                                                                                                            • Instruction ID: 6709a5b3d214a7dbe2ce23c26a66d1be599220b18a4990e61eb5aa902caac60f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae7ec9ade09f4cbbef93ea978848d6fe9248db596d0f6f803286dcd6b265bb74
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3213672608B85CAEB10AF65E55025BB7A0FB88B94F50402AEB8D87B18DF7CD444CF04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727D2D0 Relevance: 6.0, APIs: 4, Instructions: 50registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$CreateValue
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1009429713-0
                                                                                                                                                                                                                            • Opcode ID: 9c47a97ae4ecbaee3efc8939be10283ca9b07352e114426938465cb6bb443e86
                                                                                                                                                                                                                            • Instruction ID: 16f1acf0ea8e457e749c8d4c2fb1c8b22e61bd275444493763529683be9de28e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9c47a97ae4ecbaee3efc8939be10283ca9b07352e114426938465cb6bb443e86
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88118EB2B0C782C6EB50AB11F55562BB3A0FB99B85F500025EE8D87B14DF3CD004CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727D3A0 Relevance: 6.0, APIs: 4, Instructions: 44registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Close$OpenQueryValue
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1607946009-0
                                                                                                                                                                                                                            • Opcode ID: 15c403e4190efacafa8700e1fb42a83ba1eb3da808a0fe815cfce457a3d4bb79
                                                                                                                                                                                                                            • Instruction ID: a78f80f148be7f9940013a29167fd2c358391de045825d5f3cbd1be90045ff0f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 15c403e4190efacafa8700e1fb42a83ba1eb3da808a0fe815cfce457a3d4bb79
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B0111C7261CA86C6EB50AF11F55566BB3A0FB99BC4F505036EF8E97B58DE3CE0048B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647293270 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 232COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE ref: 00007FF64729329F
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32 ref: 00007FF6472934F9
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesCreateDirectoryFileHeapProcess
                                                                                                                                                                                                                            • String ID: prolasso.ini
                                                                                                                                                                                                                            • API String ID: 1869356818-4236559347
                                                                                                                                                                                                                            • Opcode ID: 4202489dfc8359459cd13120fba63ecc63025249ea7d4e030882cdd254a43f46
                                                                                                                                                                                                                            • Instruction ID: 29288bd914c0deb4b6e639c020bf84f98dc00cca4d0431d96399fdf9e8270281
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4202489dfc8359459cd13120fba63ecc63025249ea7d4e030882cdd254a43f46
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6491AF62B0CA42C2EA10BB29D74417F63A0FF94B94F095235EB5E977A6DF3CE4408740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472789A0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 203COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: HeapProcess
                                                                                                                                                                                                                            • String ID: LogFolder$ProcessLasso
                                                                                                                                                                                                                            • API String ID: 54951025-592487278
                                                                                                                                                                                                                            • Opcode ID: 32e4016040d4e694d5be800600f0691683f6ac0e8b3b19349250707a2d6eb39a
                                                                                                                                                                                                                            • Instruction ID: 123031c706677b4d3de0afed793f7f22a558b769c0fdb755b2d7a5cef1e8dc9d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 32e4016040d4e694d5be800600f0691683f6ac0e8b3b19349250707a2d6eb39a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD51D432A0C781D2F714BB16AA5156B76A1EF84BD0F248539FFAD87B95DE3CE4118B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647272C70 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 172COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472719D0: GetProcessHeap.KERNEL32(?,?,?,00007FF64727833C,?,?,?,?,?,00007FF64727101E), ref: 00007FF647271A06
                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE ref: 00007FF647272E5F
                                                                                                                                                                                                                            • SHCreateDirectoryExW.SHELL32 ref: 00007FF647272E72
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472AA548: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472AA57B
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AttributesCreateDirectoryFileHeapProcess_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: logs
                                                                                                                                                                                                                            • API String ID: 1915183022-4035954268
                                                                                                                                                                                                                            • Opcode ID: 67dfffc73df4e29e5bdda62244abaa7e7eb951408187b75b8a508dd08be017f0
                                                                                                                                                                                                                            • Instruction ID: 8a506d705aed09d84977026e1378b2e2a7e621d5545bc11a27049af86b9cf17f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67dfffc73df4e29e5bdda62244abaa7e7eb951408187b75b8a508dd08be017f0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B2518D22B0CA81C6EA14BB16D7442AE63B1FB84BA0F449235DF6D877D5DF3CE5458740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B2190 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1703294689-0
                                                                                                                                                                                                                            • Opcode ID: 8f6e33b57f97df6ff93dc85baf9fe11831e434d079b38ffd76c27210a85a0263
                                                                                                                                                                                                                            • Instruction ID: d4c84cf7e4ed83a1351243fe6a172d7c7dde9d35ccd2cf7af03f7b4448396385
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f6e33b57f97df6ff93dc85baf9fe11831e434d079b38ffd76c27210a85a0263
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 02D09E54B1C742C6EB187F715F9617A12516FA8B42F043438DA0BA6393CD7DF44D8200
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472723E0 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: ProcessLasso
                                                                                                                                                                                                                            • API String ID: 3215553584-4260244240
                                                                                                                                                                                                                            • Opcode ID: d01b6b8c630a8d1215aca5791e853a81a6b8a8c93f080df0ae72f7c37c70716c
                                                                                                                                                                                                                            • Instruction ID: 0c59746a9b74da296039833d8cc10b51aeee214d025b2f10f3714411874aa051
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d01b6b8c630a8d1215aca5791e853a81a6b8a8c93f080df0ae72f7c37c70716c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8331BC26E0C242C6FA28BF9997162BFA7F0BF80B94F544435DB0D8B786CE7CE4414640
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647272090 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 68COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: ProcessLasso
                                                                                                                                                                                                                            • API String ID: 3215553584-4260244240
                                                                                                                                                                                                                            • Opcode ID: bc3eae76fa1a69f434f502ba2e4048de225d4f6f8d4ae4de2dd29dedbd47570d
                                                                                                                                                                                                                            • Instruction ID: 78dc4f65089b90268a096beeebdb43c6b96d9aae9d3ed504f991967cb2aa2fdb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc3eae76fa1a69f434f502ba2e4048de225d4f6f8d4ae4de2dd29dedbd47570d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC215E36A08B5182DA21BF56EB4006EB7B0FB84F90F154031DF5C97B56DE3DD8868740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729F4AC Relevance: 3.1, APIs: 2, Instructions: 94COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3070443116-0
                                                                                                                                                                                                                            • Opcode ID: 950bd7d9425c22a37643ba3e6e06c08e0d35bc417b9729b1e96882b3bb54a40c
                                                                                                                                                                                                                            • Instruction ID: 10cae9625d593f00bcd8b8a56dba35c53f3094a24817df96b9e0dbf4842618cb
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 950bd7d9425c22a37643ba3e6e06c08e0d35bc417b9729b1e96882b3bb54a40c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5313CA1F0C243D6FAA4BB64E7523BB2291AF65384F584435DA4DC72E7DE2CF904C241
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64728976D Relevance: 2.5, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CriticalFileSection$CloseCreateDefaultEnterHandleLanguageLeaveTimeUser
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2703258953-0
                                                                                                                                                                                                                            • Opcode ID: d8b1498bba10a1b33997863511e2fec61e1be62fc310921f13e586c6491e2e9a
                                                                                                                                                                                                                            • Instruction ID: a9d91eb0e0ea037e7fe563909eb81c7923e2d1cccad3aca3f39bca60655e9c87
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d8b1498bba10a1b33997863511e2fec61e1be62fc310921f13e586c6491e2e9a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E6F09026A1C542D4F755FB25EB222FB2356BF98360F885033CA1D83292CF3AE452C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647297300 Relevance: 1.6, APIs: 1, Instructions: 136COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                            • Opcode ID: 269a492ce5c8f4d68e22a36edcae258f594308b9ef9a5993c1ef452511d1d6f8
                                                                                                                                                                                                                            • Instruction ID: 4fb24a691916fa96e0a2e8dfb90da14c6fc85d059e4f78daecf0f65f881141c4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 269a492ce5c8f4d68e22a36edcae258f594308b9ef9a5993c1ef452511d1d6f8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2441BAB2B08A02C2EA24BF29D64427E27A4FF94B94F184535DA5C877A6CF3CE900C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B20C1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3947729631-0
                                                                                                                                                                                                                            • Opcode ID: a5ed7f7388f27fdfff002f6bf9d0fbfb67297ff234f8136f70feb724cf83c255
                                                                                                                                                                                                                            • Instruction ID: 91a8910d63abd13a6d730f4771af8c5487274ecef39653e1766e92ce9e1ab0aa
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5ed7f7388f27fdfff002f6bf9d0fbfb67297ff234f8136f70feb724cf83c255
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CA219F36E18741DAEB24AF64CA402ED33B0EB44318F44563AD71C96AC6DF3CE486C750
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647271AD0 Relevance: 1.5, APIs: 1, Instructions: 49memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                            • Opcode ID: d77cdc0592d199bf7328cfcfbdefa1578017304a8e8bd54c3322816427059790
                                                                                                                                                                                                                            • Instruction ID: b83bed36f57659481303fcd3eaf8e411eb2e701f4536838cd547d8ee00dbab0e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d77cdc0592d199bf7328cfcfbdefa1578017304a8e8bd54c3322816427059790
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE11A532B18642C2EB48BB29D39412A7291EFC8B74B589334D63D937D4EF7CD4848604
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B7DFC Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3215553584-0
                                                                                                                                                                                                                            • Opcode ID: 58a558f94ad46f861c5e40dd788ec831a6490bf9d7e97461cecbd10b74ebe102
                                                                                                                                                                                                                            • Instruction ID: b91e0f91c1c5a619c3cf4cdbd7dfb8c7ac15cd5a4501a0a3b2808d3de8ca9665
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 58a558f94ad46f861c5e40dd788ec831a6490bf9d7e97461cecbd10b74ebe102
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DF113632A1C682C6E310BF95A65456BB3A8EF84740F55043AE69D977A6DF3CF8108B44
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B54E8 Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(?,?,00000000,00007FF6472B4BD2,?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000), ref: 00007FF6472B553D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                            • Opcode ID: de0ec2f14d48c1176c58bc3ce6b68c057fdc1da388ad50d013f4e0f203c326be
                                                                                                                                                                                                                            • Instruction ID: ac1606468f812d1569a9e105850dc530b6a22f41662066e4f9bbc65a40d1834d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: de0ec2f14d48c1176c58bc3ce6b68c057fdc1da388ad50d013f4e0f203c326be
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 96F04944B1D207C1FEA47BA796913BB02965F88B81F0C5430E90EEA2C6ED1CF4808320
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729F14C Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • __scrt_dllmain_crt_thread_attach.LIBCMT ref: 00007FF64729F160
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472A1730: __vcrt_uninitialize_ptd.LIBVCRUNTIME ref: 00007FF6472A1738
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472A1730: __vcrt_uninitialize_locks.LIBVCRUNTIME ref: 00007FF6472A173D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __scrt_dllmain_crt_thread_attach__vcrt_uninitialize_locks__vcrt_uninitialize_ptd
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1208906642-0
                                                                                                                                                                                                                            • Opcode ID: baffc0b9cb284fe5323fc0ee610ca0729a92655c9d51824930fd44a593d0fd46
                                                                                                                                                                                                                            • Instruction ID: 24b4690f8ef5560e969b0cfa6faf47513f6a464c86bf0e301deadecadff95c60
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: baffc0b9cb284fe5323fc0ee610ca0729a92655c9d51824930fd44a593d0fd46
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9CE0EC90F1D203D1FEE877616B422BB02903F35345F582078D81DD21C3DE0D385711A1
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                            Function 00007FF64729C270 Relevance: 35.2, APIs: 18, Strings: 2, Instructions: 234clipboardkeyboardmemoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Window$Clipboard$GlobalText$AllocAsyncClassCloseDataEmptyItemLockNameOpenStateUnlock
                                                                                                                                                                                                                            • String ID: ---------------------------$Button
                                                                                                                                                                                                                            • API String ID: 2440719195-4265534756
                                                                                                                                                                                                                            • Opcode ID: e77a95783eaf115f78e733cd7f390bf93fbadd62c995224f21dd49b64fbeb3d1
                                                                                                                                                                                                                            • Instruction ID: 749f7e9b49fe6829a852e318a6ce1810fe7388066adde363b44fb480104d63cd
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e77a95783eaf115f78e733cd7f390bf93fbadd62c995224f21dd49b64fbeb3d1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EDC16591E0C682C5E715BF24E64127A7371FF69B95F489135CA4D97261EF3CE589C300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729C680 Relevance: 25.8, APIs: 17, Instructions: 252memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Local$AllocFreeHandleLockModule
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2507078958-0
                                                                                                                                                                                                                            • Opcode ID: ab1890fbe0c9ff7302f67fe774db27b5d1d5aca5a41231456e793a81103b5b85
                                                                                                                                                                                                                            • Instruction ID: 73173a27ffb42a894cc2ae95809d27160c70b9616b908c8fd13abfc266dc29cf
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ab1890fbe0c9ff7302f67fe774db27b5d1d5aca5a41231456e793a81103b5b85
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41B1B4A2B0C682C6E760BF25DA412BA73A0FB95B95F488131DE4D87794DF3CE585C700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647296DE0 Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 113serviceCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Service$CloseHandleOpen$ConfigErrorLastManagerQuery
                                                                                                                                                                                                                            • String ID: Schedule
                                                                                                                                                                                                                            • API String ID: 3855100433-2739827629
                                                                                                                                                                                                                            • Opcode ID: 41be5517486a29138bda6986e5609a46214d60a410ef4dbed99ea3509c3cb29d
                                                                                                                                                                                                                            • Instruction ID: 6fa4bdc4d18d0b3dc38e7158d60e5f0804579ad35195f91fd0a30f641fd72f8e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41be5517486a29138bda6986e5609a46214d60a410ef4dbed99ea3509c3cb29d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D0412AB2B0CB86C6FB64BB12E55532B63A1FB99B81F144035DA8E87B54DF3CE1558B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647296FC0 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 64serviceCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • OpenSCManagerW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF647296FDD
                                                                                                                                                                                                                            • OpenServiceW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF647297013
                                                                                                                                                                                                                            • QueryServiceStatus.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF64729703C
                                                                                                                                                                                                                            • StartServiceW.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF64729705C
                                                                                                                                                                                                                            • CloseServiceHandle.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF647297069
                                                                                                                                                                                                                            • CloseServiceHandle.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF647276734), ref: 00007FF647297072
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Service$CloseHandleOpen$ManagerQueryStartStatus
                                                                                                                                                                                                                            • String ID: Schedule
                                                                                                                                                                                                                            • API String ID: 2710452061-2739827629
                                                                                                                                                                                                                            • Opcode ID: 7ebd790e309028a26d60454b38563d9e53cd56b8816486ed59d8109f8e28dd33
                                                                                                                                                                                                                            • Instruction ID: 12f3d6029c73cd00841dbeb1af8e2bc13f735993cf3aef06fcd15e8f77bf691c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7ebd790e309028a26d60454b38563d9e53cd56b8816486ed59d8109f8e28dd33
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F621B6A1B0C782C6FB50BB25AA5513B33A1FFA9B81F180235DE4E96754EF2CE0558600
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729FB1C Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 71COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                                            • String ID: ProcessLasso
                                                                                                                                                                                                                            • API String ID: 3140674995-4260244240
                                                                                                                                                                                                                            • Opcode ID: be40d6081eae2285e3aa2fbdaf394ff17b5a1a5421c4c9e6e6aa87e003af4e12
                                                                                                                                                                                                                            • Instruction ID: 619130cd22cf7979f73e570e0f35ef4f13b3f704d3b5dafcf851c1efbd2a82ae
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: be40d6081eae2285e3aa2fbdaf394ff17b5a1a5421c4c9e6e6aa87e003af4e12
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD313BB2708B81CAEB60AF60E8503EA7364FB94749F44403ADB4D97B94DF38D548C710
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472AA01C Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1239891234-0
                                                                                                                                                                                                                            • Opcode ID: cf185267e9784ed7a27155e4ba16e16c71962bd43c4efd025fa6da3ab18d391d
                                                                                                                                                                                                                            • Instruction ID: c829414f0bdb1236ec69671400b8e3b326ab1a324b3c50f74cfb9c7470e0c7e5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf185267e9784ed7a27155e4ba16e16c71962bd43c4efd025fa6da3ab18d391d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C3315C36618B81DADB60EF25E9402AE73A0FB89798F540135EB9D83B94DF3CD155CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729E5A8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • InitializeCriticalSectionEx.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF64729DAE8), ref: 00007FF64729E600
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF64729DAE8), ref: 00007FF64729E609
                                                                                                                                                                                                                            • IsDebuggerPresent.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF64729DAE8), ref: 00007FF64729E621
                                                                                                                                                                                                                            • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF64729DAE8), ref: 00007FF64729E632
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 00007FF64729E62B
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                            • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                            • API String ID: 3511171328-631824599
                                                                                                                                                                                                                            • Opcode ID: c1a9229a66d11c06c9979d6b4fe080dd8d4e6b32f1474a87ae6df6c416707a9f
                                                                                                                                                                                                                            • Instruction ID: 4a6cea11f621a76abd289a53be216d1cae9a5406ffa448d98fa64ea10132e15e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c1a9229a66d11c06c9979d6b4fe080dd8d4e6b32f1474a87ae6df6c416707a9f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 94115872A18B82D6F744BB22DB513BA22A0FF54346F004138C75DC2A90EF3CE0648700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B6A84 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2227656907-0
                                                                                                                                                                                                                            • Opcode ID: fc3ce45be131ff9df22542dc9327c309bd8c03e49b868841535172b02ae9f6fa
                                                                                                                                                                                                                            • Instruction ID: aad56785f477209c08bef509bade62219418dab93900371b8b7ff355a1d7b1c5
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc3ce45be131ff9df22542dc9327c309bd8c03e49b868841535172b02ae9f6fa
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 96B1BE62F1C692C1EA60BF61EA056BB63A0EB44BE4F445131EA5D97B85DE3CFA41C300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B04B0 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 329COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: memcpy_s
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1502251526-3916222277
                                                                                                                                                                                                                            • Opcode ID: 410d9816363a57b732192fd8862a22eaa28d4ced0536adc073eb692d23bba256
                                                                                                                                                                                                                            • Instruction ID: 89bf3817dfa30f8261382688b342765313a3210c222e9f0c83a34c18a98a71c0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 410d9816363a57b732192fd8862a22eaa28d4ced0536adc073eb692d23bba256
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06C1B272B1D686C7E735EF25A148A6AB791F788784F048535DB4A83B44DE3CF905CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729CC60 Relevance: 6.2, APIs: 4, Instructions: 191registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseFileModuleNameOpenQueryValue
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3617018055-0
                                                                                                                                                                                                                            • Opcode ID: 1b8ef09435256025fde253048e665c35e52b91a5c9262257d41662ba632cb30f
                                                                                                                                                                                                                            • Instruction ID: e4156b30d9253ca155a4f54e9c0a90477e9e9ee440e2867b0847bd01d70ee669
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1b8ef09435256025fde253048e665c35e52b91a5c9262257d41662ba632cb30f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BD91B1A27186C1C5DB20FF24D5512BBB7B0FB54B58F849232DA4D87694EF38E689C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647292E50 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 110filelibraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileLoad$HandleString$CloseCreateLibraryModuleWrite
                                                                                                                                                                                                                            • String ID: My First Profile
                                                                                                                                                                                                                            • API String ID: 3934505703-3805887433
                                                                                                                                                                                                                            • Opcode ID: 11bb4f6c468d09faf0e147fd83b982a7da84ddfd3d5acc416b891eab7777e46c
                                                                                                                                                                                                                            • Instruction ID: 77243cd8967dd151bc0847d8345b913800c3171e44d0a98b8b562f9abe4e7dbe
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 11bb4f6c468d09faf0e147fd83b982a7da84ddfd3d5acc416b891eab7777e46c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 85517FA1A0CA82C6E720BF11EB4026B73A0FF98B90F584235DA9D937A5DF7CE545C744
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A96D4 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 478COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: -$0$f$p$p
                                                                                                                                                                                                                            • API String ID: 3215553584-1865143739
                                                                                                                                                                                                                            • Opcode ID: bd4f149f2eb2a596cd3d60e8df525d1a70cabada9e73dc23b9df3ce12d0a1339
                                                                                                                                                                                                                            • Instruction ID: 1d31d731808dd2929aab1d0f8a7304b4e48c24a963f58b24b87411a3e3a06608
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bd4f149f2eb2a596cd3d60e8df525d1a70cabada9e73dc23b9df3ce12d0a1339
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1412B171E0C263C6FB20BB96D2446BB76A2FB90754F984536E6D9876C4DF3CE5808B04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729EF68 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 21libraryloaderCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressProc$HandleModule
                                                                                                                                                                                                                            • String ID: GetCurrentPackageId$GetSystemTimePreciseAsFileTime$GetTempPath2W$kernel32.dll
                                                                                                                                                                                                                            • API String ID: 667068680-1247241052
                                                                                                                                                                                                                            • Opcode ID: 29c10783cf10bfb7f1a782e09a3c84bdd1d16d7bd4c1891b60056aef1ab2acc9
                                                                                                                                                                                                                            • Instruction ID: 81a337a7d606c25a2f9489d6c01849198b7c16bea2ac2b5cba5fdb563af8b092
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 29c10783cf10bfb7f1a782e09a3c84bdd1d16d7bd4c1891b60056aef1ab2acc9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 02F07468A1DE03D9EE14BF91FA5506233B4BF68792B442135C90D96324EFBCE5958340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472893CA Relevance: 13.7, APIs: 9, Instructions: 207COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo$Cpp_errorThrow_std::_
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1015236146-0
                                                                                                                                                                                                                            • Opcode ID: caa3c04c16a0bb6330f48a887556b077ad584e2b7fb580b3479a87f752afb2c7
                                                                                                                                                                                                                            • Instruction ID: e31a92c6bd883df9922be53c25159ab4bc3b7ea67ea72419e1f9bb49c0f7792c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: caa3c04c16a0bb6330f48a887556b077ad584e2b7fb580b3479a87f752afb2c7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A451545298E257D6F71877B01F26ABB14954FC1350F219D3CE62EBB2D3CC2D2810696B
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729CFE0 Relevance: 13.6, APIs: 9, Instructions: 109libraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Load$String$Library$HandleModule$Free
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2517587207-0
                                                                                                                                                                                                                            • Opcode ID: 0fb679aa1347b120c45c1e4f3f4714bfafcca119ffc7a74918bd2ff5a834f9cd
                                                                                                                                                                                                                            • Instruction ID: 59dbbcc06b35ee1ffbe1276cd045f38200ad867f4bd395f6247c35fffb6838d3
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0fb679aa1347b120c45c1e4f3f4714bfafcca119ffc7a74918bd2ff5a834f9cd
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E518D61A0CA82CAE761FB11EA406BB37A0FF99B54F040235DA9D937A4DF3CE545CB44
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A8F4C Relevance: 12.7, APIs: 3, Strings: 4, Instructions: 489COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: 0$f$p$p
                                                                                                                                                                                                                            • API String ID: 3215553584-1202675169
                                                                                                                                                                                                                            • Opcode ID: 16c80322e2773b3f60471fc509b4159bc96100d75b4168ebdc0ea2582f84f6a8
                                                                                                                                                                                                                            • Instruction ID: 46da4c8e9df017997d4aeed368fe29a8a516662ee634ce6d15fd96cd001ae5cf
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 16c80322e2773b3f60471fc509b4159bc96100d75b4168ebdc0ea2582f84f6a8
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B12A061E0C163C6FB20BB96D2442BB76A2FB91754F844036E6DAC76C4DF3DE9909B04
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A2210 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 312COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                            • String ID: csm$csm$csm
                                                                                                                                                                                                                            • API String ID: 849930591-393685449
                                                                                                                                                                                                                            • Opcode ID: d272b40a0a3643687ab5500690a76bd6ab77fb44c600d1f1f600bdb37dd940b7
                                                                                                                                                                                                                            • Instruction ID: 40392281c0c2051a0a4bf722c6b1475668afe4538ee044de17a6ef564e865b0f
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d272b40a0a3643687ab5500690a76bd6ab77fb44c600d1f1f600bdb37dd940b7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7D19032A0CB41CAEB64BF65D6402AE77A0FB85B98F040535EE8D97B55DF38E491C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B56A0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                            • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                            • API String ID: 3013587201-537541572
                                                                                                                                                                                                                            • Opcode ID: 6128509de75504ed66b2e82594d55283a183c6a5bd25d7d82db4ce9c7933f092
                                                                                                                                                                                                                            • Instruction ID: 940d9de65a2b1d818174cba8a1471b6b2c9a26d14972b2f771fb831a5546b9ce
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6128509de75504ed66b2e82594d55283a183c6a5bd25d7d82db4ce9c7933f092
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4741BD61B1DA02C2FA15BF16AA045A72392FF44BE0F088135ED1DEB784EE3CF5859300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A64D0 Relevance: 11.0, APIs: 3, Strings: 3, Instructions: 475COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: f$p$p
                                                                                                                                                                                                                            • API String ID: 3215553584-1995029353
                                                                                                                                                                                                                            • Opcode ID: 8cd0e13b6ec317e31c30bd4dbd75af48eeaa2cdba1d857f2d020b9303d487a3c
                                                                                                                                                                                                                            • Instruction ID: c3044126e42c5e4c9ae2335be6303640a4493216c4459e73839975df64e54e7d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8cd0e13b6ec317e31c30bd4dbd75af48eeaa2cdba1d857f2d020b9303d487a3c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7F129362E0C243CAFB24BF15E25467B7666EB90B54F888435E6D9C76C4DF3DE6848B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647294900 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 241COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: P$gfffffff$gfffffff$true
                                                                                                                                                                                                                            • API String ID: 0-3282438640
                                                                                                                                                                                                                            • Opcode ID: 4b14c9963ab995340b972fdd6f973ae826f5d5a834d275c1d14c060592cf1ac6
                                                                                                                                                                                                                            • Instruction ID: c6b00b7f8c434c050a2ed1a78932728d02d85fbaaafd365bc15a39d6da5cf5a7
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b14c9963ab995340b972fdd6f973ae826f5d5a834d275c1d14c060592cf1ac6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4581D2A2B0C686C2EA10EB56F64417BA391FB58BD4F5C5135EE9D8B749EE3CE181C301
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A4B3C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF6472A4DEE,?,?,?,00007FF6472A4AE0,?,?,?,00007FF6472A1711), ref: 00007FF6472A4BC1
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF6472A4DEE,?,?,?,00007FF6472A4AE0,?,?,?,00007FF6472A1711), ref: 00007FF6472A4BCF
                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,?,?,00007FF6472A4DEE,?,?,?,00007FF6472A4AE0,?,?,?,00007FF6472A1711), ref: 00007FF6472A4BF9
                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF6472A4DEE,?,?,?,00007FF6472A4AE0,?,?,?,00007FF6472A1711), ref: 00007FF6472A4C67
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF6472A4DEE,?,?,?,00007FF6472A4AE0,?,?,?,00007FF6472A1711), ref: 00007FF6472A4C73
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                                            • String ID: api-ms-
                                                                                                                                                                                                                            • API String ID: 2559590344-2084034818
                                                                                                                                                                                                                            • Opcode ID: 65c76ad0ac1b265c82f7cbecb038079a7028d7bc2f522c44a416ff5c547d1e20
                                                                                                                                                                                                                            • Instruction ID: 7b93026d285a515dae447a163876b96b43f1d9df1087e7502cc04a2f628b6f4a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 65c76ad0ac1b265c82f7cbecb038079a7028d7bc2f522c44a416ff5c547d1e20
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5A310221B1EE42C5EE25BB0AAA0067B6395FF44BA5F490534DE1DCBB80EF3CE4408340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B49F8 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                            • Opcode ID: 3133f723ff95a89c95537452d239326f2e5a03cb7eb70917bc40512585c7da7c
                                                                                                                                                                                                                            • Instruction ID: 8e8efb59fe27036f1986073389732a1d8efd04f3e10f00aca0956d24a9e5d975
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3133f723ff95a89c95537452d239326f2e5a03cb7eb70917bc40512585c7da7c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84215E20A0CA53C2FA597F215BA503F62929F447B0F544734EA3EDB6D6EE2CB4418744
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472BC958 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                                            • String ID: CONOUT$
                                                                                                                                                                                                                            • API String ID: 3230265001-3130406586
                                                                                                                                                                                                                            • Opcode ID: 5fbbd6da88da92d5702a4459e2f59ee97b9704b391fc01d3c9eec29256dbc363
                                                                                                                                                                                                                            • Instruction ID: 3d0a666fd1f80dd9993c2eabc4621bdf97ae5d25ba1be44cd7efa94a2bddd6c4
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5fbbd6da88da92d5702a4459e2f59ee97b9704b391fc01d3c9eec29256dbc363
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53118B31B1CA91CAF350BB16EA4532A62A0FB98BE5F040234EA6DC7794DF7CE9548744
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729ED60 Relevance: 9.1, APIs: 6, Instructions: 94threadCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AcquireExclusiveLock$CurrentThreadsys_get_time
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 184115430-0
                                                                                                                                                                                                                            • Opcode ID: d970623c3d91bc18088bc6f6af1eac1d8fc5233e04dd0e48833a1f6c9971e984
                                                                                                                                                                                                                            • Instruction ID: 2f0a8c362d486c04a69554356af9282050d1bb36aa29de5b2285212eb9a5ef4c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d970623c3d91bc18088bc6f6af1eac1d8fc5233e04dd0e48833a1f6c9971e984
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 844106B3E0C686C6EBA4BF24D64027B73A0EB60B55F484435D68DC2698DF3DE895CB05
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A26E0 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 319COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Is_bad_exception_allowedstd::bad_alloc::bad_alloc
                                                                                                                                                                                                                            • String ID: csm$csm$csm
                                                                                                                                                                                                                            • API String ID: 3523768491-393685449
                                                                                                                                                                                                                            • Opcode ID: b414f9673bba76e0088a73ddaba8b0e07f4d9f7060a5e61f7f20856106733017
                                                                                                                                                                                                                            • Instruction ID: cd2d3fd7642b56ba2551934b7701057eb4e56f0535973a18c9959b7bbc490ff1
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b414f9673bba76e0088a73ddaba8b0e07f4d9f7060a5e61f7f20856106733017
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A1E19032A0C782CAE760BF24D6803BE7BA0FB88758F144535DA8D97696DF38E585C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B4B70 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4B7F
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4BB5
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4BE2
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4BF3
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4C04
                                                                                                                                                                                                                            • SetLastError.KERNEL32(?,?,?,00007FF6472AA419,?,?,?,?,00007FF6472B55D2,?,?,00000000,00007FF6472AAA7F,?,?,?), ref: 00007FF6472B4C1F
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Value$ErrorLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2506987500-0
                                                                                                                                                                                                                            • Opcode ID: 8dce4402fe5c9830a1723b9c09f4c26d882c04743f08562e2e20e40dfcd7baef
                                                                                                                                                                                                                            • Instruction ID: b06c6824843759066b6eefb8475156eb211c39a666d85a71804a94a030a40802
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8dce4402fe5c9830a1723b9c09f4c26d882c04743f08562e2e20e40dfcd7baef
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D2114D20E0CA52C2FA547B626B9613F62919F447B0F544735EA3EDA7D6EE2CF4418740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647299BC0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 99windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Active$BeepLastMessagePopupVersionWindow
                                                                                                                                                                                                                            • String ID: Process Lasso
                                                                                                                                                                                                                            • API String ID: 443910678-1212517334
                                                                                                                                                                                                                            • Opcode ID: d7c4e1449d53c9211447c2b72800229287a610de2c6f9a82126386865714fb0f
                                                                                                                                                                                                                            • Instruction ID: d11e04898becb01eccefd00d36811ae6a6b6d107ad8eab15e90616b5d46dbf0e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7c4e1449d53c9211447c2b72800229287a610de2c6f9a82126386865714fb0f
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DC41D3B271D682C5EB64BF11EA452AB67A0FB94790F444135EA8DC26D8EF3CD544CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B21F4 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                            • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                            • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                            • Opcode ID: 400727543bcfa68ac057c79aa1a30e9b87049fa3bef5fe3d8757dec73611d59a
                                                                                                                                                                                                                            • Instruction ID: 3413e3c6f7973ce76e09615e8764d38f51b6f571d18b7889a222204f43591f68
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 400727543bcfa68ac057c79aa1a30e9b87049fa3bef5fe3d8757dec73611d59a
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0BF04F61A1DB02C6EB10BB24A55533A6360EF997A6F540235DB6DD62E4DF3DE445C300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A1AE0 Relevance: 7.8, APIs: 5, Instructions: 290COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AdjustPointer
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1740715915-0
                                                                                                                                                                                                                            • Opcode ID: 7aa277558aecd9e7e1bfaa5472e05fc4080fdc6de12b0ca17e180f4a56754cc6
                                                                                                                                                                                                                            • Instruction ID: b6252322f69d2b610f1c7df03159c860983a9a36a6407396124037bf32929b95
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7aa277558aecd9e7e1bfaa5472e05fc4080fdc6de12b0ca17e180f4a56754cc6
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3DB1B222E0DB82C2EA65FB11A78067B67B5EF54BA0F098835DE4D97795EF3CE4418340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729FF20 Relevance: 7.6, APIs: 5, Instructions: 137memoryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharMultiWide$AllocString
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 262959230-0
                                                                                                                                                                                                                            • Opcode ID: 98533e769dc2df3ad65041c9083516023bf6a15a177fa71d2f57ab9ba43aa94d
                                                                                                                                                                                                                            • Instruction ID: 1356189c34374c45cc1a91e05b000b3374ed47d2156d9da7ad62f39e65c4230b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98533e769dc2df3ad65041c9083516023bf6a15a177fa71d2f57ab9ba43aa94d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F419172B0C686C9EB64BF21965037A6290FF59BA4F184A35EA6DC77D5EF3CE0518300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472BC5B8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: _set_statfp
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1156100317-0
                                                                                                                                                                                                                            • Opcode ID: f28776d55c10eb7d177062c5064588f4ec1541889b7918308e505bf18f8973e9
                                                                                                                                                                                                                            • Instruction ID: 164b37dfe3c795df2d35bf3242db6b4dd72dc9fc2a0e00c53425a0c6a7498d4d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f28776d55c10eb7d177062c5064588f4ec1541889b7918308e505bf18f8973e9
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A011A322E5CA03C1F6543B28E7927772180AFD8374F195638EA7ED63DACE2CB9C55210
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B4C38 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FlsGetValue.KERNEL32(?,?,?,00007FF6472A9FAB,?,?,00000000,00007FF6472AA246,?,?,?,?,?,00007FF6472AA1D2), ref: 00007FF6472B4C57
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472A9FAB,?,?,00000000,00007FF6472AA246,?,?,?,?,?,00007FF6472AA1D2), ref: 00007FF6472B4C76
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472A9FAB,?,?,00000000,00007FF6472AA246,?,?,?,?,?,00007FF6472AA1D2), ref: 00007FF6472B4C9E
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472A9FAB,?,?,00000000,00007FF6472AA246,?,?,?,?,?,00007FF6472AA1D2), ref: 00007FF6472B4CAF
                                                                                                                                                                                                                            • FlsSetValue.KERNEL32(?,?,?,00007FF6472A9FAB,?,?,00000000,00007FF6472AA246,?,?,?,?,?,00007FF6472AA1D2), ref: 00007FF6472B4CC0
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                            • Opcode ID: 208d8b1151d9afaf4880314cc175b260369526bb353206f7d571cec0f9f09b53
                                                                                                                                                                                                                            • Instruction ID: 920d2718b071d42afe4b92a7a911e9882776141ee0cfba1ce846216dbe5e1046
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 208d8b1151d9afaf4880314cc175b260369526bb353206f7d571cec0f9f09b53
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2114C20E0CA57C2FA587F626B9517B2291AF84BA0F544335EA3D9A7D6EE2CF4418241
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647290020 Relevance: 7.6, APIs: 5, Instructions: 53filetimeCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: File$CloseHandle$CreateSizeTime
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 492692993-0
                                                                                                                                                                                                                            • Opcode ID: 493fc8f4cbb0279f587707480c9d14d37c6a379ebf676e0cfb2933184f2fd29d
                                                                                                                                                                                                                            • Instruction ID: 394042c78465d8020ae48327b3ecef96c3128571609c20a0c8aaa1734718cf81
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 493fc8f4cbb0279f587707480c9d14d37c6a379ebf676e0cfb2933184f2fd29d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9421AF72A0C686C6E760BB15E65427B73A0FF94790F544635DA6D83BA4CF7CE485CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B4ACC Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Value
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 3702945584-0
                                                                                                                                                                                                                            • Opcode ID: 290909334dc5856e89100295bb6643f7bde0d29f4bd46d576a6495eaad21133c
                                                                                                                                                                                                                            • Instruction ID: e8daf460598513c7e6e75b987dc8b6bf52c88154a70f8a8e4d4ddc707e3ab053
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 290909334dc5856e89100295bb6643f7bde0d29f4bd46d576a6495eaad21133c
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC113C10E0D607C2FD587F625AA217B22918F81330F590738EB3EDA2C3EE2CB4418245
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647294830 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 226COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: gfffffff$true
                                                                                                                                                                                                                            • API String ID: 0-952935935
                                                                                                                                                                                                                            • Opcode ID: 4123133e7937db3c0b96c546dcc892ae3d42d7efabeab5bb0b41c46323187981
                                                                                                                                                                                                                            • Instruction ID: 47231ba538c81423d03d19eb0754c02f9362c342efe98c187b29a21abfb5437e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4123133e7937db3c0b96c546dcc892ae3d42d7efabeab5bb0b41c46323187981
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7981B5A2B18B89D2DA14EF56E6441AE73A0FB58BD4F588635DE6D87788DF3CE141C300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A2E54 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 190COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                                            • String ID: MOC$RCC
                                                                                                                                                                                                                            • API String ID: 3544855599-2084237596
                                                                                                                                                                                                                            • Opcode ID: 4517b1b8e41c47d965da38c8e801d445fa6379e4f0e36b22512e91b06357aba7
                                                                                                                                                                                                                            • Instruction ID: ca14ed5cf0e26864ddbdc73154b6a3f97a0188d9143e1b6fd4272ee57571f864
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4517b1b8e41c47d965da38c8e801d445fa6379e4f0e36b22512e91b06357aba7
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 98918373A08792CAE750EB64E9402AE7BA0FB45788F14413AEB4D97756DF38D195CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A14F0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                            • API String ID: 2395640692-1018135373
                                                                                                                                                                                                                            • Opcode ID: 074de032c8f380b970d18784712d87e25113c3bf8bdd165c3fe3e66571056731
                                                                                                                                                                                                                            • Instruction ID: f2534aaa63a6902204a203f6cae56a3dc5bc5e107a233a150a6e98b1e5393e28
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 074de032c8f380b970d18784712d87e25113c3bf8bdd165c3fe3e66571056731
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45519132B1D602CADB14FB15E244A7A23A5EB54FA8F144135EA4ED7788DF7CE841C700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A33D4 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                                            • String ID: csm$csm
                                                                                                                                                                                                                            • API String ID: 3896166516-3733052814
                                                                                                                                                                                                                            • Opcode ID: 1fe0431b6edc7913779c4e28f596634e7ce2e293c6adb7c7e8a54989d8787df0
                                                                                                                                                                                                                            • Instruction ID: aa48286180817fc5bea4afc83859b14de5403858a059564aad00de5433a47f93
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1fe0431b6edc7913779c4e28f596634e7ce2e293c6adb7c7e8a54989d8787df0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 63516D3290C682C7EB64BF15968436B7BA0EB59B98F144136DA9DC7B96CF3CE450CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472B24E8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 111COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF6472B251A
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472B32EC: HeapFree.KERNEL32(?,?,?,00007FF6472B81DA,?,?,?,00007FF6472B8217,?,?,00000000,00007FF6472B854C,?,?,?,00007FF6472B847F), ref: 00007FF6472B3302
                                                                                                                                                                                                                              • Part of subcall function 00007FF6472B32EC: GetLastError.KERNEL32(?,?,?,00007FF6472B81DA,?,?,?,00007FF6472B8217,?,?,00000000,00007FF6472B854C,?,?,?,00007FF6472B847F), ref: 00007FF6472B330C
                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(?,?,FFFFFFFF,?,ProcessLasso,00007FF64729F41D,?,?,?,?,?,?,?,00007FF647279B9B), ref: 00007FF6472B2538
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: C:\Users\user\Desktop\PostUpdate.exe$ProcessLasso
                                                                                                                                                                                                                            • API String ID: 3580290477-1864471491
                                                                                                                                                                                                                            • Opcode ID: f15bfbd6d2e8f1497c251480dbaa94510d43b0802f6db2509c890ffd3b1c90a1
                                                                                                                                                                                                                            • Instruction ID: 917855c63beded76c57223d8d392e96446501683c101718930aaee3e6c898d87
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f15bfbd6d2e8f1497c251480dbaa94510d43b0802f6db2509c890ffd3b1c90a1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3416132A0C752C6EB59FF259B911BA27E4EF44794B54403AEA4D83B46DE3DF481C704
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472BA13C Relevance: 6.3, APIs: 4, Instructions: 305fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2718003287-0
                                                                                                                                                                                                                            • Opcode ID: e421d25a00b6fdcb2e38b2bb2a9f1d4e24d166eb3da0f5f838434626de2aa5d1
                                                                                                                                                                                                                            • Instruction ID: abc4726151db7c6e3ad26a1d2a61d79439ec108a6ec89821e2c3b6cc5e8fcfd6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e421d25a00b6fdcb2e38b2bb2a9f1d4e24d166eb3da0f5f838434626de2aa5d1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36D1D032B08A81DAE721EF79D6801AE37B1FB44798B144236CF5D97B99DE38E546C700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472BAA80 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FF6472BAA20), ref: 00007FF6472BABA3
                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FF6472BAA20), ref: 00007FF6472BAC2D
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 953036326-0
                                                                                                                                                                                                                            • Opcode ID: 240bdb0872ab6801cb69a0f549742a3d5f5a928204e3a63b536947cb2b28f1b4
                                                                                                                                                                                                                            • Instruction ID: 639b4df3db1e22586003ae92de1d65fd2a936e211d3dc344f027ef868fca0a4d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 240bdb0872ab6801cb69a0f549742a3d5f5a928204e3a63b536947cb2b28f1b4
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC91DE72A1C652EAFB60BF6596806BE37B0BB04B88F444136DE4E97794DF38E485C710
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729F38C Relevance: 6.1, APIs: 4, Instructions: 76COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3BC
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FD6C: std::bad_alloc::bad_alloc.LIBCMT ref: 00007FF64729FD75
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: IsProcessorFeaturePresent.KERNEL32 ref: 00007FF64729FB38
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: RtlCaptureContext.KERNEL32 ref: 00007FF64729FB65
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: RtlLookupFunctionEntry.KERNEL32 ref: 00007FF64729FB7F
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: RtlVirtualUnwind.KERNEL32 ref: 00007FF64729FBC0
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: IsDebuggerPresent.KERNEL32 ref: 00007FF64729FC14
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: SetUnhandledExceptionFilter.KERNEL32 ref: 00007FF64729FC31
                                                                                                                                                                                                                              • Part of subcall function 00007FF64729FB1C: UnhandledExceptionFilter.KERNEL32 ref: 00007FF64729FC3C
                                                                                                                                                                                                                            • Concurrency::cancel_current_task.LIBCPMT ref: 00007FF64729F3C2
                                                                                                                                                                                                                            • _set_fmode.LIBCMT ref: 00007FF64729F3DF
                                                                                                                                                                                                                            • _RTC_Initialize.LIBCMT ref: 00007FF64729F400
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_taskExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionInitializeLookupProcessorUnwindVirtual_set_fmodestd::bad_alloc::bad_alloc
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1376948099-0
                                                                                                                                                                                                                            • Opcode ID: c0adce54e1c7dcb7d6f2e4869f87ce4df033329f56288b0adf29c6837c6d19db
                                                                                                                                                                                                                            • Instruction ID: 2774cb6f922c2570ff67c14e4b1d63258802c1ffce698724ebbf0251479f907b
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c0adce54e1c7dcb7d6f2e4869f87ce4df033329f56288b0adf29c6837c6d19db
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9521F990F1C247C2FAD87BB157562BF11946FB8354F8C1934EA6DCA2C3EE2CB9514621
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64727AAB0 Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ConditionMask$InfoVerifyVersion
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2793162063-0
                                                                                                                                                                                                                            • Opcode ID: 670743184b790e06b8ad71c7e0e645c9139677ccee827533abd71b00333678f1
                                                                                                                                                                                                                            • Instruction ID: fd3a7cf5aea1d2b5dc9224b1f382f8ef35bc12e12fa89a5e5946b11bd4d8a49d
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 670743184b790e06b8ad71c7e0e645c9139677ccee827533abd71b00333678f1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CB110732608681CAD731EF22E5813EBB3A0FB98745F005125DB9D87A54EF7CE1158B40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647274E40 Relevance: 6.0, APIs: 4, Instructions: 40libraryCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Load$String$HandleLibraryModule
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2387318791-0
                                                                                                                                                                                                                            • Opcode ID: b5f803d068f219dd3ccdb5a4f40bf8f971046f15f5f3bf07aed8a6cd8565b52e
                                                                                                                                                                                                                            • Instruction ID: d1a8a5ebb570bb10da0df11cb57dcd710998279cf798b3bf49dfff23595a5900
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5f803d068f219dd3ccdb5a4f40bf8f971046f15f5f3bf07aed8a6cd8565b52e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75019E22B1CA82C6EB61BB26BA8113B2694EF99BC0F081031DE4DD3765DE2CE5908704
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF64729FD8C Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                            • Opcode ID: e5928a6e4e936331e510554d40cc564943ad34884620218ae8054e9107539778
                                                                                                                                                                                                                            • Instruction ID: 4ee53fbc725629063d0eda95416040af6ba592a52df8f83468749d1e5e5b7af6
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5928a6e4e936331e510554d40cc564943ad34884620218ae8054e9107539778
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BE115A26B18F01CAEB00EF60E8452B933A4FB19759F040E31EA6D827A4DF7CD164C340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647299DA0 Relevance: 6.0, APIs: 4, Instructions: 31windowCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Paint$BeginDrawIconLongWindow
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1892919229-0
                                                                                                                                                                                                                            • Opcode ID: 9528ccc57b779848b6be315fbb6b66763b2bc0347da6809188577ca64567f4cb
                                                                                                                                                                                                                            • Instruction ID: ca2207226c51f7f74bf6183b5cb6f93cac4994b00e8ffd0e7083b0e87e521801
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9528ccc57b779848b6be315fbb6b66763b2bc0347da6809188577ca64567f4cb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 32F08161B0CA81C6EA60BB35BA5536B73A1FF9DB81F984134DA8D87758DE3CD0058B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647294450 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 215COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                            • String ID: true
                                                                                                                                                                                                                            • API String ID: 0-4261170317
                                                                                                                                                                                                                            • Opcode ID: a5dd5a94e3004802b5fd92db71ba077aa1fba7337d66a0643bf9555dd523e7be
                                                                                                                                                                                                                            • Instruction ID: 3fedade3b982df60a32654e3af2f697d5d4004b3665987838174b39fbaf1bc83
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5dd5a94e3004802b5fd92db71ba077aa1fba7337d66a0643bf9555dd523e7be
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BA81C262718B86C1EA10EB16E64416BB7A4FB58BE4F684635EEAD577D4DF3CE090C300
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647274510 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 177COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_task_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                            • String ID: vector too long
                                                                                                                                                                                                                            • API String ID: 73155330-2873823879
                                                                                                                                                                                                                            • Opcode ID: 83040af9d0d8f775defebbd5dbe6c58d1bd58c561f389c4c47f2ce9a91128289
                                                                                                                                                                                                                            • Instruction ID: a7438a2164e81bee4c4b156ec2b8ed4681fbeadfdd83884e8c3e1d20db2bbe46
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 83040af9d0d8f775defebbd5dbe6c58d1bd58c561f389c4c47f2ce9a91128289
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7519D72B1CA85C2DA10FB29E74126E63A4FB85B94F548635DE9D4B785DF3CD091C380
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A360C Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: __except_validate_context_record
                                                                                                                                                                                                                            • String ID: csm$csm
                                                                                                                                                                                                                            • API String ID: 1467352782-3733052814
                                                                                                                                                                                                                            • Opcode ID: 921067a6df51b5bb639ef3deef87d4bfea633296a7ccdd1fb08eaa8ec1ed6167
                                                                                                                                                                                                                            • Instruction ID: 6c5504974b8f302b70e35e0b0501d97c6356ace9c04b8d7cb031411a7223250a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 921067a6df51b5bb639ef3deef87d4bfea633296a7ccdd1fb08eaa8ec1ed6167
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 23719E72A0C682CADB60BF25965477F7BA1FB05B85F148136DA8C87B8ACF2CD451CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A2BE4 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: EncodePointer
                                                                                                                                                                                                                            • String ID: MOC$RCC
                                                                                                                                                                                                                            • API String ID: 2118026453-2084237596
                                                                                                                                                                                                                            • Opcode ID: 67f2251d39167ecaf5124bf70e31051949ccad6bdfafd9f6f8e0f77731d5458d
                                                                                                                                                                                                                            • Instruction ID: cb4c2aec5265a7eed293b03a6783630c304e0c64ccc3b2aa10ae65c60124c813
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67f2251d39167ecaf5124bf70e31051949ccad6bdfafd9f6f8e0f77731d5458d
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C7619032A0CBC5C5D770AB15E6403AAB7A0FB98B94F044225EB9C53B99DF3CE194CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A3CA4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 117COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CreateFrameInfo__except_validate_context_record
                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                            • API String ID: 2558813199-1018135373
                                                                                                                                                                                                                            • Opcode ID: 8ad02b260869f0896f958332105622fb18e37bc3a7445f06e41fb617cea31ab2
                                                                                                                                                                                                                            • Instruction ID: 8b9c58a4ab1a194c761defee2e2079fa87e77e233bd27afa46d9e47e00c3a1aa
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ad02b260869f0896f958332105622fb18e37bc3a7445f06e41fb617cea31ab2
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8451383661C781C7E660FB15E6402AF77A4FB88BA0F141534EA8D87B56DF38E460CB00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647274050 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 116COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_task_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                            • String ID: ProcessLasso
                                                                                                                                                                                                                            • API String ID: 73155330-4260244240
                                                                                                                                                                                                                            • Opcode ID: 2e4a7393258fff016633d45d89c0a845c25abba1bcbd1a3850513951349b8564
                                                                                                                                                                                                                            • Instruction ID: cfec9284a5e686432ff3509687c9a34c883302ee377668d6d15cacac7104abe0
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e4a7393258fff016633d45d89c0a845c25abba1bcbd1a3850513951349b8564
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E41CF62B0DB86C1EA14BF12A70436BA355FB18BD0F584A31DEAD8B7C6DE7CE0418340
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472BA7E8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorFileLastWrite
                                                                                                                                                                                                                            • String ID: U
                                                                                                                                                                                                                            • API String ID: 442123175-4171548499
                                                                                                                                                                                                                            • Opcode ID: 9d103bd22a8d7a51fc973beaa379c9e161c75b92ce2c5443fec62d5edd291b07
                                                                                                                                                                                                                            • Instruction ID: dd96d6909bf72c42fc1c9756a3b692e626f3af76d176743464b97665a86cd32e
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9d103bd22a8d7a51fc973beaa379c9e161c75b92ce2c5443fec62d5edd291b07
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7F41A072A1CA81D5EB20AF25E9443AA7760FB98784F554035EE8DC7B98EF3CE541C700
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF647293690 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62fileCOMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: CloseDeleteFileHandleHeapProcess
                                                                                                                                                                                                                            • String ID: \.pl-lock
                                                                                                                                                                                                                            • API String ID: 3954262013-2455201285
                                                                                                                                                                                                                            • Opcode ID: 3d33b8f4ebe76a51bad242164f85aae3c4b5b10d42446573f5b7395439ee5af0
                                                                                                                                                                                                                            • Instruction ID: f51785d9b4d09c6efcc81ee3384291a750e1e2d76c5adace95239790fcaaa76c
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3d33b8f4ebe76a51bad242164f85aae3c4b5b10d42446573f5b7395439ee5af0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A11D2A2B0CA42C1EA10BB15E61126B23A1FF89BA4F484235DB6D873B6DF3CD444C740
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472A1440 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF647271831,?,?,?,?,00007FF64727843E), ref: 00007FF6472A1490
                                                                                                                                                                                                                            • RaiseException.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF647271831,?,?,?,?,00007FF64727843E), ref: 00007FF6472A14D1
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                                            • String ID: csm
                                                                                                                                                                                                                            • API String ID: 2573137834-1018135373
                                                                                                                                                                                                                            • Opcode ID: 9aa6bcc02eca9fa2c2c96673ab5b0087104e0bdda059140e65178739616fa8e0
                                                                                                                                                                                                                            • Instruction ID: 856e4ac5e8c2204bffff7a5dfe445a72033446801055beb92cf7e6999b6b0a58
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9aa6bcc02eca9fa2c2c96673ab5b0087104e0bdda059140e65178739616fa8e0
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 43114C3261CB41C2EB20AB19F50026A77E4FB88B94F184230DB8C57758EF3CC5518B00
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472802C0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: BaseCurrentModuleNameProcess_invalid_parameter_noinfo
                                                                                                                                                                                                                            • String ID: processgovernor.exe
                                                                                                                                                                                                                            • API String ID: 1937074306-3269163351
                                                                                                                                                                                                                            • Opcode ID: 9579d99d275b191efa02d68ab4f946634f6bf156ccc50d5fc8b0ba127329665e
                                                                                                                                                                                                                            • Instruction ID: 93346af27e3d781b40126cba537c67ea39266817c56b196724ddc159b2bec404
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9579d99d275b191efa02d68ab4f946634f6bf156ccc50d5fc8b0ba127329665e
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 51F0A455B2C642C2FB60BB22EA513B75350BF94B81F449031DE8DC628ADE3CE105CB40
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF6472759B0 Relevance: 5.2, APIs: 4, Instructions: 154COMMON
                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000001.00000002.1688941292.00007FF647271000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF647270000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688921303.00007FF647270000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1688982027.00007FF6472C1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472D9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689006553.00007FF6472DF000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF6472E1000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000001.00000002.1689044064.00007FF647319000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_1_2_7ff647270000_PostUpdate.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1717984340-0
                                                                                                                                                                                                                            • Opcode ID: a031458420ead052b57b2c2c3b9ce156b1e3ff7b511d28a70e4fce6e7962ed50
                                                                                                                                                                                                                            • Instruction ID: ae127bf43b7fe6e53bce2fbf8a9238705b43da854142e58ac553e1da09320f9a
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a031458420ead052b57b2c2c3b9ce156b1e3ff7b511d28a70e4fce6e7962ed50
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4651B022A0D707C5FB24BB53975133BE291BF84BA4F249139DA5DE6BD9EE7CE4508200
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                            Execution Coverage:4%
                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                            Signature Coverage:10.1%
                                                                                                                                                                                                                            Total number of Nodes:921
                                                                                                                                                                                                                            Total number of Limit Nodes:7
                                                                                                                                                                                                                            execution_graph 10183 7ff7e99d2040 10184 7ff7e99d2054 10183->10184 10185 7ff7e99d21b6 SetTimer SetTimer 10183->10185 10186 7ff7e99d205d 10184->10186 10187 7ff7e99d2199 SetEvent PostQuitMessage 10184->10187 10188 7ff7e99d218b DestroyWindow 10186->10188 10189 7ff7e99d206f 10186->10189 10190 7ff7e99d2076 DefWindowProcW 10189->10190 10191 7ff7e99d2082 10189->10191 10190->10191 10192 7ff7e99d2096 10191->10192 10193 7ff7e99d213a OpenEventW 10191->10193 10195 7ff7e99d2179 10192->10195 10196 7ff7e99d20a0 OpenEventW 10192->10196 10194 7ff7e99d2156 WaitForSingleObject CloseHandle 10193->10194 10193->10195 10194->10195 10197 7ff7e99d2170 DestroyWindow 10194->10197 10196->10195 10198 7ff7e99d20c0 WaitForSingleObject 10196->10198 10197->10195 10199 7ff7e99d211f CloseHandle 10198->10199 10200 7ff7e99d20cf OpenEventW 10198->10200 10201 7ff7e99d20f2 WaitForSingleObject CloseHandle 10200->10201 10202 7ff7e99d210e SetThreadExecutionState 10200->10202 10201->10202 10202->10199 10203 7ff7e99d3bc8 10224 7ff7e99d3870 10203->10224 10206 7ff7e99d3d14 10309 7ff7e99d4184 IsProcessorFeaturePresent 10206->10309 10207 7ff7e99d3be4 10209 7ff7e99d3d1e 10207->10209 10212 7ff7e99d3c02 __scrt_release_startup_lock 10207->10212 10210 7ff7e99d4184 std::_Throw_Cpp_error 7 API calls 10209->10210 10211 7ff7e99d3d29 BuildCatchObjectHelperInternal 10210->10211 10213 7ff7e99d3c27 10212->10213 10214 7ff7e99d3cad 10212->10214 10298 7ff7e99de9c0 10212->10298 10230 7ff7e99d42cc 10214->10230 10216 7ff7e99d3cb2 10233 7ff7e99d21f0 CreateMutexW 10216->10233 10221 7ff7e99d3cd5 10221->10211 10305 7ff7e99d39f4 10221->10305 10225 7ff7e99d3878 10224->10225 10226 7ff7e99d3884 __scrt_dllmain_crt_thread_attach 10225->10226 10227 7ff7e99d3891 10226->10227 10229 7ff7e99d388d 10226->10229 10227->10229 10316 7ff7e99d6690 10227->10316 10229->10206 10229->10207 10343 7ff7e99ea200 10230->10343 10234 7ff7e99d2244 WaitForSingleObject 10233->10234 10235 7ff7e99d26a8 10233->10235 10234->10235 10236 7ff7e99d2257 CreateEventW 10234->10236 10238 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 10235->10238 10345 7ff7e99d518c 10236->10345 10240 7ff7e99d26bc 10238->10240 10239 7ff7e99d22ac CreateEventW LoadLibraryW GetProcAddress 10241 7ff7e99d2307 __scrt_get_show_window_mode 10239->10241 10303 7ff7e99d4314 GetModuleHandleW 10240->10303 10242 7ff7e99d1b60 55 API calls 10241->10242 10243 7ff7e99d235e 10242->10243 10244 7ff7e99d2612 MessageBoxW 10243->10244 10245 7ff7e99d2382 GetCurrentProcess NtQueryInformationProcess 10243->10245 10246 7ff7e99d246d 10244->10246 10247 7ff7e99d23b0 10245->10247 10248 7ff7e99d2681 FreeLibrary CloseHandle 10246->10248 10249 7ff7e99d263b SetEvent 10246->10249 10247->10247 10250 7ff7e99d23f3 GetCurrentProcess SetPriorityClass LoadCursorW RegisterClassExW 10247->10250 10254 7ff7e99de43c 53 API calls 10247->10254 10251 7ff7e99d269e std::_Throw_Cpp_error 10248->10251 10252 7ff7e99d2714 10249->10252 10253 7ff7e99d264f GetCurrentThreadId 10249->10253 10250->10246 10255 7ff7e99d2477 CreateWindowExW 10250->10255 10262 7ff7e99d26a4 10251->10262 10263 7ff7e99d26d9 10251->10263 10258 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10252->10258 10259 7ff7e99d271f 10253->10259 10260 7ff7e99d265d 10253->10260 10254->10250 10256 7ff7e99d24bf MessageBoxW 10255->10256 10257 7ff7e99d24de 10255->10257 10256->10246 10261 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10257->10261 10258->10259 10265 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10259->10265 10264 7ff7e99d53b0 3 API calls 10260->10264 10266 7ff7e99d24e8 10261->10266 10262->10235 10370 7ff7e99de4a4 10263->10370 10268 7ff7e99d2672 10264->10268 10269 7ff7e99d272a 10265->10269 10346 7ff7e99de35c 10266->10346 10268->10248 10268->10269 10272 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10269->10272 10275 7ff7e99d2735 10272->10275 10274 7ff7e99d26df 10277 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10274->10277 10276 7ff7e99d2705 10278 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10276->10278 10281 7ff7e99d26e9 10277->10281 10278->10252 10279 7ff7e99d26ff 10282 7ff7e99de4a4 __GSHandlerCheck_EH 53 API calls 10279->10282 10280 7ff7e99d2532 GetMessageW 10283 7ff7e99d255d 10280->10283 10284 7ff7e99d2598 10280->10284 10287 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10281->10287 10282->10276 10291 7ff7e99d2565 TranslateMessage DispatchMessageW 10283->10291 10292 7ff7e99d257f GetMessageW 10283->10292 10285 7ff7e99d25e2 SendMessageW 10284->10285 10286 7ff7e99d259d SetEvent 10284->10286 10289 7ff7e99d2601 CloseHandle 10285->10289 10290 7ff7e99d2607 ReleaseMutex 10285->10290 10286->10274 10293 7ff7e99d25b0 GetCurrentThreadId 10286->10293 10288 7ff7e99d26f4 10287->10288 10296 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 10288->10296 10289->10290 10290->10246 10291->10292 10292->10283 10292->10284 10293->10281 10294 7ff7e99d25be 10293->10294 10364 7ff7e99d53b0 WaitForSingleObjectEx 10294->10364 10296->10279 10299 7ff7e99de9f8 10298->10299 10300 7ff7e99de9d7 10298->10300 10301 7ff7e99de4a4 __GSHandlerCheck_EH 53 API calls 10299->10301 10300->10214 10302 7ff7e99de9fd 10301->10302 10304 7ff7e99d4325 10303->10304 10304->10221 10307 7ff7e99d3a05 10305->10307 10306 7ff7e99d3a15 10306->10213 10307->10306 10308 7ff7e99d6690 7 API calls 10307->10308 10308->10306 10310 7ff7e99d41aa __scrt_get_show_window_mode BuildCatchObjectHelperInternal 10309->10310 10311 7ff7e99d41c9 RtlCaptureContext RtlLookupFunctionEntry 10310->10311 10312 7ff7e99d41f2 RtlVirtualUnwind 10311->10312 10313 7ff7e99d422e __scrt_get_show_window_mode 10311->10313 10312->10313 10314 7ff7e99d4260 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 10313->10314 10315 7ff7e99d42ae BuildCatchObjectHelperInternal 10314->10315 10315->10209 10317 7ff7e99d66a2 10316->10317 10318 7ff7e99d6698 10316->10318 10317->10229 10322 7ff7e99d6a30 10318->10322 10323 7ff7e99d6a3f 10322->10323 10324 7ff7e99d669d 10322->10324 10330 7ff7e99d9e44 10323->10330 10326 7ff7e99d9bd8 10324->10326 10327 7ff7e99d9c03 10326->10327 10328 7ff7e99d9be6 DeleteCriticalSection 10327->10328 10329 7ff7e99d9c07 10327->10329 10328->10327 10329->10317 10334 7ff7e99d9cac 10330->10334 10335 7ff7e99d9d96 TlsFree 10334->10335 10341 7ff7e99d9cf0 __vcrt_InitializeCriticalSectionEx 10334->10341 10336 7ff7e99d9d1e LoadLibraryExW 10338 7ff7e99d9d3f GetLastError 10336->10338 10339 7ff7e99d9dbd 10336->10339 10337 7ff7e99d9ddd GetProcAddress 10337->10335 10338->10341 10339->10337 10340 7ff7e99d9dd4 FreeLibrary 10339->10340 10340->10337 10341->10335 10341->10336 10341->10337 10342 7ff7e99d9d61 LoadLibraryExW 10341->10342 10342->10339 10342->10341 10344 7ff7e99d42e3 GetStartupInfoW 10343->10344 10344->10216 10345->10239 10347 7ff7e99de375 10346->10347 10348 7ff7e99de38c 10346->10348 10350 7ff7e99de154 _set_errno_from_matherr 11 API calls 10347->10350 10375 7ff7e99de2f8 10348->10375 10352 7ff7e99de37a 10350->10352 10355 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 10352->10355 10353 7ff7e99de39f CreateThread 10356 7ff7e99de3cf GetLastError 10353->10356 10357 7ff7e99d251b 10353->10357 10354 7ff7e99de3dc 10354->10357 10359 7ff7e99de3f2 10354->10359 10360 7ff7e99de3ec CloseHandle 10354->10360 10355->10357 10382 7ff7e99de0c8 10356->10382 10357->10276 10357->10279 10357->10280 10361 7ff7e99de401 10359->10361 10362 7ff7e99de3fb FreeLibrary 10359->10362 10360->10359 10363 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10361->10363 10362->10361 10363->10357 10365 7ff7e99d53d4 10364->10365 10366 7ff7e99d25d3 10364->10366 10367 7ff7e99d53f1 CloseHandle 10365->10367 10368 7ff7e99d53d9 GetExitCodeThread 10365->10368 10366->10285 10366->10288 10367->10366 10368->10366 10369 7ff7e99d53eb 10368->10369 10369->10367 10371 7ff7e99e1360 BuildCatchObjectHelperInternal 53 API calls 10370->10371 10372 7ff7e99de4ad 10371->10372 10373 7ff7e99df8f8 BuildCatchObjectHelperInternal 53 API calls 10372->10373 10374 7ff7e99de4cd 10373->10374 10376 7ff7e99e1934 BuildCatchObjectHelperInternal 11 API calls 10375->10376 10377 7ff7e99de31a 10376->10377 10378 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10377->10378 10379 7ff7e99de324 10378->10379 10380 7ff7e99de32d GetModuleHandleExW 10379->10380 10381 7ff7e99de329 10379->10381 10380->10381 10381->10353 10381->10354 10383 7ff7e99e14d8 _set_errno_from_matherr 11 API calls 10382->10383 10384 7ff7e99de0d5 Concurrency::details::SchedulerProxy::DeleteThis 10383->10384 10385 7ff7e99e14d8 _set_errno_from_matherr 11 API calls 10384->10385 10386 7ff7e99de0f7 10385->10386 10386->10354 9078 7ff7e99de224 9079 7ff7e99de232 GetLastError ExitThread 9078->9079 9080 7ff7e99de241 9078->9080 9091 7ff7e99e1360 GetLastError 9080->9091 9085 7ff7e99de25f 9117 7ff7e99d29b0 9085->9117 9092 7ff7e99e1384 FlsGetValue 9091->9092 9093 7ff7e99e13a1 FlsSetValue 9091->9093 9094 7ff7e99e1391 SetLastError 9092->9094 9095 7ff7e99e139b 9092->9095 9093->9094 9096 7ff7e99e13b3 9093->9096 9099 7ff7e99e142d 9094->9099 9100 7ff7e99de246 9094->9100 9095->9093 9128 7ff7e99e1934 9096->9128 9146 7ff7e99df8f8 9099->9146 9113 7ff7e99e1eec 9100->9113 9103 7ff7e99e13e0 FlsSetValue 9107 7ff7e99e13ec FlsSetValue 9103->9107 9108 7ff7e99e13fe 9103->9108 9104 7ff7e99e13d0 FlsSetValue 9106 7ff7e99e13d9 9104->9106 9135 7ff7e99dfccc 9106->9135 9107->9106 9141 7ff7e99e1110 9108->9141 9114 7ff7e99de252 9113->9114 9115 7ff7e99e1efc 9113->9115 9114->9085 9122 7ff7e99e1df8 9114->9122 9115->9114 9340 7ff7e99e1bc4 9115->9340 9343 7ff7e99d1bc0 GetCurrentProcessId ProcessIdToSessionId 9117->9343 9123 7ff7e99e19ac BuildCatchObjectHelperInternal 5 API calls 9122->9123 9124 7ff7e99e1e1f 9123->9124 9124->9085 9133 7ff7e99e1945 BuildCatchObjectHelperInternal 9128->9133 9129 7ff7e99e1996 9168 7ff7e99de154 9129->9168 9130 7ff7e99e197a RtlAllocateHeap 9131 7ff7e99e13c2 9130->9131 9130->9133 9131->9103 9131->9104 9133->9129 9133->9130 9165 7ff7e99df574 9133->9165 9136 7ff7e99dfcd1 HeapFree 9135->9136 9140 7ff7e99dfd00 9135->9140 9137 7ff7e99dfcec GetLastError 9136->9137 9136->9140 9138 7ff7e99dfcf9 Concurrency::details::SchedulerProxy::DeleteThis 9137->9138 9139 7ff7e99de154 _set_errno_from_matherr 9 API calls 9138->9139 9139->9140 9140->9094 9194 7ff7e99e0fe8 9141->9194 9208 7ff7e99e341c 9146->9208 9171 7ff7e99df5b0 9165->9171 9177 7ff7e99e14d8 GetLastError 9168->9177 9170 7ff7e99de15d 9170->9131 9176 7ff7e99dfb34 EnterCriticalSection 9171->9176 9178 7ff7e99e1519 FlsSetValue 9177->9178 9179 7ff7e99e14fc 9177->9179 9180 7ff7e99e152b 9178->9180 9184 7ff7e99e1509 9178->9184 9179->9178 9179->9184 9181 7ff7e99e1934 BuildCatchObjectHelperInternal 5 API calls 9180->9181 9183 7ff7e99e153a 9181->9183 9182 7ff7e99e1585 SetLastError 9182->9170 9185 7ff7e99e1558 FlsSetValue 9183->9185 9186 7ff7e99e1548 FlsSetValue 9183->9186 9184->9182 9188 7ff7e99e1564 FlsSetValue 9185->9188 9189 7ff7e99e1576 9185->9189 9187 7ff7e99e1551 9186->9187 9190 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 9187->9190 9188->9187 9191 7ff7e99e1110 _set_errno_from_matherr 5 API calls 9189->9191 9190->9184 9192 7ff7e99e157e 9191->9192 9193 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 9192->9193 9193->9182 9206 7ff7e99dfb34 EnterCriticalSection 9194->9206 9247 7ff7e99e33d4 9208->9247 9252 7ff7e99dfb34 EnterCriticalSection 9247->9252 9341 7ff7e99e19ac BuildCatchObjectHelperInternal 5 API calls 9340->9341 9342 7ff7e99e1bec 9341->9342 9342->9114 9344 7ff7e99d1c29 9343->9344 9386 7ff7e99d1f0f 9343->9386 9394 7ff7e99d51a0 9344->9394 9345 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9348 7ff7e99d1f5d 9345->9348 9387 7ff7e99d52fc GetCurrentThreadId 9348->9387 9349 7ff7e99d1f98 9351 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 9349->9351 9350 7ff7e99d1fa3 9353 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 9350->9353 9351->9350 9355 7ff7e99d1fb3 9353->9355 9517 7ff7e99d1060 9355->9517 9361 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 9362 7ff7e99d1ce2 9361->9362 9363 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 9362->9363 9364 7ff7e99d1d09 9363->9364 9365 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 9364->9365 9367 7ff7e99d1d30 9365->9367 9455 7ff7e99d2fa0 9367->9455 9371 7ff7e99d1d6b 9372 7ff7e99d1d91 GetForegroundWindow 9371->9372 9373 7ff7e99d1db8 GetLastInputInfo 9371->9373 9374 7ff7e99d1da1 GetWindowThreadProcessId 9371->9374 9372->9371 9372->9373 9375 7ff7e99d51a0 14 API calls 9373->9375 9374->9373 9382 7ff7e99d1dd5 __scrt_get_show_window_mode 9375->9382 9376 7ff7e99d1f8d 9378 7ff7e99d4ed0 std::_Throw_Cpp_error 67 API calls 9376->9378 9377 7ff7e99d1f7e 9511 7ff7e99d4ed0 9377->9511 9378->9349 9381 7ff7e99d1e7f GetCurrentProcess NtQueryInformationProcess 9381->9382 9382->9376 9382->9377 9382->9381 9383 7ff7e99d51a8 ReleaseSRWLockExclusive 9382->9383 9498 7ff7e99d1b60 9382->9498 9502 7ff7e99de43c 9382->9502 9384 7ff7e99d1efa WaitForSingleObject 9383->9384 9384->9372 9384->9386 9386->9345 10169 7ff7e99d5628 9387->10169 9395 7ff7e99d51c8 GetCurrentThreadId 9394->9395 9396 7ff7e99d5221 9395->9396 9397 7ff7e99d5207 9395->9397 9399 7ff7e99d5226 9396->9399 9400 7ff7e99d523a 9396->9400 9398 7ff7e99d520c AcquireSRWLockExclusive 9397->9398 9401 7ff7e99d5219 9397->9401 9398->9401 9399->9401 9402 7ff7e99d522e AcquireSRWLockExclusive 9399->9402 9403 7ff7e99d527f 9400->9403 9408 7ff7e99d5248 9400->9408 9406 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9401->9406 9402->9401 9403->9401 9404 7ff7e99d5287 TryAcquireSRWLockExclusive 9403->9404 9404->9401 9407 7ff7e99d1c35 9406->9407 9407->9349 9407->9350 9410 7ff7e99d51a8 9407->9410 9408->9401 9409 7ff7e99d526f TryAcquireSRWLockExclusive 9408->9409 9521 7ff7e99d5524 9408->9521 9409->9401 9409->9408 9411 7ff7e99d1c59 9410->9411 9412 7ff7e99d51b2 ReleaseSRWLockExclusive 9410->9412 9413 7ff7e99d1200 9411->9413 9412->9411 9414 7ff7e99d1221 9413->9414 9416 7ff7e99d1283 9413->9416 9530 7ff7e99d37bc AcquireSRWLockExclusive 9414->9530 9417 7ff7e99d1308 9416->9417 9419 7ff7e99d37bc 3 API calls 9416->9419 9417->9355 9429 7ff7e99d3aa8 9417->9429 9421 7ff7e99d1299 9419->9421 9421->9417 9535 7ff7e99d3a5c 9421->9535 9430 7ff7e99d3ab3 9429->9430 9431 7ff7e99d1cbb 9430->9431 9432 7ff7e99df574 BuildCatchObjectHelperInternal 2 API calls 9430->9432 9433 7ff7e99d3ad2 9430->9433 9431->9361 9432->9430 9434 7ff7e99d3add 9433->9434 9554 7ff7e99d43f4 9433->9554 9558 7ff7e99d3410 9434->9558 9567 7ff7e99d1490 9455->9567 9457 7ff7e99d1d5c 9458 7ff7e99d29e0 9457->9458 9459 7ff7e99d1200 63 API calls 9458->9459 9462 7ff7e99d2a15 9459->9462 9460 7ff7e99d1060 2 API calls 9461 7ff7e99d2d06 9460->9461 9465 7ff7e99d1060 2 API calls 9461->9465 9463 7ff7e99d2a43 9462->9463 9464 7ff7e99d2a4e 9462->9464 9483 7ff7e99d2cfb 9462->9483 9466 7ff7e99d1660 67 API calls 9463->9466 9467 7ff7e99d19d0 57 API calls 9464->9467 9468 7ff7e99d2d11 9465->9468 9469 7ff7e99d2a4c 9466->9469 9467->9469 9470 7ff7e99d2b31 RegCreateKeyExW 9469->9470 9469->9483 9497 7ff7e99d2c1f 9469->9497 9471 7ff7e99d2b7a RegQueryValueExW 9470->9471 9496 7ff7e99d2c49 9470->9496 9473 7ff7e99d2c43 RegCloseKey 9471->9473 9474 7ff7e99d2bbd RegCloseKey 9471->9474 9472 7ff7e99d1200 63 API calls 9476 7ff7e99d2c81 9472->9476 9473->9496 9477 7ff7e99d1200 63 API calls 9474->9477 9475 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9478 7ff7e99d2c5e 9475->9478 9479 7ff7e99d2cf1 9476->9479 9480 7ff7e99d2c89 9476->9480 9481 7ff7e99d2bce 9477->9481 9478->9371 9482 7ff7e99d1060 2 API calls 9479->9482 9484 7ff7e99d2ca4 9480->9484 9485 7ff7e99d2cae 9480->9485 9481->9461 9486 7ff7e99d2bf5 9481->9486 9487 7ff7e99d2c00 9481->9487 9482->9483 9483->9460 9488 7ff7e99d1660 67 API calls 9484->9488 9489 7ff7e99d19d0 57 API calls 9485->9489 9490 7ff7e99d1660 67 API calls 9486->9490 9491 7ff7e99d19d0 57 API calls 9487->9491 9492 7ff7e99d2cac 9488->9492 9489->9492 9493 7ff7e99d2bfe 9490->9493 9491->9493 9494 7ff7e99d2d20 68 API calls 9492->9494 10034 7ff7e99d2d20 9493->10034 9494->9496 9496->9475 9497->9472 9499 7ff7e99d1b85 std::_Throw_Cpp_error 9498->9499 9500 7ff7e99ddb4c 55 API calls 9499->9500 9501 7ff7e99d1ba4 9500->9501 9501->9382 9503 7ff7e99de453 9502->9503 9504 7ff7e99de449 9502->9504 9505 7ff7e99de154 _set_errno_from_matherr 11 API calls 9503->9505 9504->9503 9509 7ff7e99de46f 9504->9509 9506 7ff7e99de45b 9505->9506 9507 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9506->9507 9508 7ff7e99de467 9507->9508 9508->9382 9509->9508 9510 7ff7e99de154 _set_errno_from_matherr 11 API calls 9509->9510 9510->9506 9512 7ff7e99d4ee9 std::_Throw_Cpp_error 9511->9512 10075 7ff7e99d4c88 9512->10075 9515 7ff7e99d65c0 std::_Xinvalid_argument 2 API calls 9516 7ff7e99d4f16 9515->9516 9518 7ff7e99d1070 9517->9518 9519 7ff7e99d65c0 std::_Xinvalid_argument 2 API calls 9518->9519 9520 7ff7e99d1081 9519->9520 9524 7ff7e99d5560 9521->9524 9527 7ff7e99d56a4 9524->9527 9528 7ff7e99d56b0 9527->9528 9529 7ff7e99d56b7 GetSystemTimeAsFileTime 9527->9529 9528->9529 9531 7ff7e99d37d2 9530->9531 9532 7ff7e99d37d7 ReleaseSRWLockExclusive 9531->9532 9534 7ff7e99d37dc SleepConditionVariableSRW 9531->9534 9534->9531 9539 7ff7e99d3a20 9535->9539 9537 7ff7e99d12f3 9538 7ff7e99d3750 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 9537->9538 9540 7ff7e99d3a3a 9539->9540 9542 7ff7e99d3a33 std::_Throw_Cpp_error 9539->9542 9543 7ff7e99df3ac 9540->9543 9542->9537 9546 7ff7e99defe8 9543->9546 9553 7ff7e99dfb34 EnterCriticalSection 9546->9553 9555 7ff7e99d4402 std::bad_alloc::bad_alloc 9554->9555 9562 7ff7e99d65c0 9555->9562 9557 7ff7e99d4413 9559 7ff7e99d341e Concurrency::cancel_current_task 9558->9559 9560 7ff7e99d65c0 std::_Xinvalid_argument 2 API calls 9559->9560 9561 7ff7e99d342f 9560->9561 9563 7ff7e99d65df 9562->9563 9564 7ff7e99d6608 RtlPcToFileHeader 9563->9564 9565 7ff7e99d662a RaiseException 9563->9565 9566 7ff7e99d6620 9564->9566 9565->9557 9566->9565 9568 7ff7e99d14c0 std::_Throw_Cpp_error 9567->9568 9569 7ff7e99d161c 9567->9569 9592 7ff7e99dd8f0 9568->9592 9570 7ff7e99d1060 2 API calls 9569->9570 9571 7ff7e99d1627 9570->9571 9571->9457 9573 7ff7e99d1060 2 API calls 9573->9569 9574 7ff7e99d1200 63 API calls 9576 7ff7e99d151e 9574->9576 9577 7ff7e99d154b 9576->9577 9578 7ff7e99d155a 9576->9578 9590 7ff7e99d1611 9576->9590 9614 7ff7e99d1660 9577->9614 9637 7ff7e99d19d0 9578->9637 9580 7ff7e99d1558 9582 7ff7e99d1597 9580->9582 9660 7ff7e99d1840 9580->9660 9673 7ff7e99ddb4c 9582->9673 9586 7ff7e99d1607 9588 7ff7e99d1060 2 API calls 9586->9588 9587 7ff7e99d15c6 9589 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9587->9589 9588->9590 9591 7ff7e99d15f8 9589->9591 9590->9573 9591->9457 9594 7ff7e99dd94a 9592->9594 9593 7ff7e99dd96f 9596 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9593->9596 9594->9593 9595 7ff7e99dd9ab 9594->9595 9683 7ff7e99dc994 9595->9683 9599 7ff7e99dd999 9596->9599 9598 7ff7e99ddb0d 9601 7ff7e99ddb23 9598->9601 9603 7ff7e99dc5c0 _invalid_parameter_noinfo_noreturn 53 API calls 9598->9603 9599->9598 9600 7ff7e99dc5c0 _invalid_parameter_noinfo_noreturn 53 API calls 9599->9600 9600->9598 9604 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9601->9604 9602 7ff7e99dda8c 9605 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9602->9605 9603->9601 9607 7ff7e99d14e9 9604->9607 9605->9599 9607->9574 9607->9576 9607->9590 9608 7ff7e99ddab2 9608->9602 9611 7ff7e99ddabc 9608->9611 9609 7ff7e99dda61 9612 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9609->9612 9610 7ff7e99dda58 9610->9602 9610->9609 9613 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9611->9613 9612->9599 9613->9599 9968 7ff7e99d3520 EnterCriticalSection 9614->9968 9616 7ff7e99d16b0 FindResourceExW 9617 7ff7e99d1691 9616->9617 9617->9616 9619 7ff7e99d3520 4 API calls 9617->9619 9620 7ff7e99d1714 9617->9620 9631 7ff7e99d16f3 9617->9631 9975 7ff7e99d10a0 LoadResource 9617->9975 9619->9617 9621 7ff7e99d1719 FindResourceW 9620->9621 9620->9631 9622 7ff7e99d173a LoadResource 9621->9622 9621->9631 9623 7ff7e99d174f LockResource 9622->9623 9622->9631 9624 7ff7e99d1764 SizeofResource 9623->9624 9623->9631 9625 7ff7e99d177a 9624->9625 9626 7ff7e99d17c3 9625->9626 9627 7ff7e99d1840 57 API calls 9625->9627 9625->9631 9979 7ff7e99db0a0 9626->9979 9627->9626 9629 7ff7e99d17ee 9629->9631 9633 7ff7e99d1060 2 API calls 9629->9633 9630 7ff7e99d1820 9632 7ff7e99d1060 2 API calls 9630->9632 9631->9580 9632->9629 9635 7ff7e99d1836 9633->9635 9634 7ff7e99d17d6 9634->9629 9634->9630 9636 7ff7e99d1060 2 API calls 9634->9636 9636->9630 9641 7ff7e99d1a64 9637->9641 9656 7ff7e99d19f6 BuildCatchObjectHelperInternal 9637->9656 9638 7ff7e99d1060 2 API calls 9647 7ff7e99d1b5b std::_Throw_Cpp_error 9638->9647 9639 7ff7e99d1a16 9639->9580 9640 7ff7e99d1aa1 9642 7ff7e99d1ab3 9640->9642 9643 7ff7e99d1af5 9640->9643 9641->9640 9644 7ff7e99d1840 57 API calls 9641->9644 9641->9656 9645 7ff7e99d1ac1 9642->9645 9646 7ff7e99d1ace 9642->9646 9642->9656 9648 7ff7e99d1b02 9643->9648 9652 7ff7e99d1ae0 __scrt_get_show_window_mode 9643->9652 9643->9656 9644->9640 9650 7ff7e99de154 _set_errno_from_matherr 11 API calls 9645->9650 9651 7ff7e99d1ad3 9646->9651 9646->9652 9653 7ff7e99ddb4c 55 API calls 9647->9653 9649 7ff7e99de154 _set_errno_from_matherr 11 API calls 9648->9649 9654 7ff7e99d1ac6 9649->9654 9650->9654 9655 7ff7e99de154 _set_errno_from_matherr 11 API calls 9651->9655 9652->9656 9658 7ff7e99de154 _set_errno_from_matherr 11 API calls 9652->9658 9657 7ff7e99d1ba4 9653->9657 9659 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9654->9659 9655->9654 9656->9638 9656->9639 9657->9580 9658->9654 9659->9656 9661 7ff7e99d1857 9660->9661 9662 7ff7e99d1862 9660->9662 9664 7ff7e99d19b4 9661->9664 9670 7ff7e99d1936 __scrt_get_show_window_mode 9661->9670 9668 7ff7e99d1894 9662->9668 9988 7ff7e99d19c0 9662->9988 9665 7ff7e99d19c0 57 API calls 9664->9665 9667 7ff7e99d19b9 9665->9667 9666 7ff7e99d1956 BuildCatchObjectHelperInternal 9666->9582 9668->9582 9669 7ff7e99de154 _set_errno_from_matherr 11 API calls 9671 7ff7e99d196c 9669->9671 9670->9666 9670->9669 9672 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9671->9672 9672->9666 9675 7ff7e99ddb85 9673->9675 9674 7ff7e99ddbc8 9676 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9674->9676 9678 7ff7e99ddc07 9674->9678 9675->9674 10012 7ff7e99db11c 9675->10012 9676->9678 9679 7ff7e99ddc2d 9678->9679 9681 7ff7e99dc5c0 _invalid_parameter_noinfo_noreturn 53 API calls 9678->9681 9680 7ff7e99d15be 9679->9680 9682 7ff7e99dc5c0 _invalid_parameter_noinfo_noreturn 53 API calls 9679->9682 9680->9586 9680->9587 9681->9679 9682->9680 9684 7ff7e99dc9d2 9683->9684 9689 7ff7e99dc9c2 9683->9689 9685 7ff7e99dc9d8 9684->9685 9691 7ff7e99dca08 9684->9691 9688 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9685->9688 9686 7ff7e99dca00 9686->9602 9686->9608 9686->9609 9686->9610 9687 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9687->9686 9688->9686 9689->9687 9691->9686 9691->9689 9694 7ff7e99dce04 9691->9694 9725 7ff7e99dcc58 9691->9725 9760 7ff7e99dc628 9691->9760 9695 7ff7e99dce48 9694->9695 9696 7ff7e99dceba 9694->9696 9697 7ff7e99dcf2b 9695->9697 9708 7ff7e99dce4e 9695->9708 9698 7ff7e99dcec0 9696->9698 9699 7ff7e99dcf38 9696->9699 9791 7ff7e99dbdac 9697->9791 9698->9697 9701 7ff7e99dcf24 9698->9701 9702 7ff7e99dcecc 9698->9702 9798 7ff7e99dd2dc 9699->9798 9787 7ff7e99dd600 9701->9787 9705 7ff7e99dcf04 9702->9705 9706 7ff7e99dced2 9702->9706 9780 7ff7e99dbbc0 9705->9780 9709 7ff7e99dcead 9706->9709 9712 7ff7e99dceed 9706->9712 9714 7ff7e99dcede 9706->9714 9708->9699 9708->9712 9713 7ff7e99dce78 9708->9713 9719 7ff7e99dce8d 9708->9719 9723 7ff7e99dcf43 9708->9723 9709->9723 9769 7ff7e99dbf98 9709->9769 9710 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9716 7ff7e99dd242 9710->9716 9776 7ff7e99dd6b4 9712->9776 9713->9709 9717 7ff7e99dce7d 9713->9717 9714->9697 9714->9709 9716->9691 9717->9699 9717->9719 9721 7ff7e99dce9e 9717->9721 9719->9723 9763 7ff7e99dd53c 9719->9763 9721->9723 9724 7ff7e99dd129 9721->9724 9808 7ff7e99dd7d0 9721->9808 9723->9710 9724->9723 9815 7ff7e99e0e30 9724->9815 9726 7ff7e99dcc66 9725->9726 9727 7ff7e99dcc7c 9725->9727 9728 7ff7e99dccbc 9726->9728 9730 7ff7e99dce48 9726->9730 9731 7ff7e99dceba 9726->9731 9727->9728 9729 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9727->9729 9728->9691 9729->9728 9732 7ff7e99dcf2b 9730->9732 9733 7ff7e99dce4e 9730->9733 9734 7ff7e99dcec0 9731->9734 9735 7ff7e99dcf38 9731->9735 9739 7ff7e99dbdac 54 API calls 9732->9739 9733->9735 9745 7ff7e99dceed 9733->9745 9748 7ff7e99dce78 9733->9748 9754 7ff7e99dce8d 9733->9754 9758 7ff7e99dcf43 9733->9758 9734->9732 9737 7ff7e99dcf24 9734->9737 9738 7ff7e99dcecc 9734->9738 9736 7ff7e99dd2dc 54 API calls 9735->9736 9755 7ff7e99dce9e 9736->9755 9740 7ff7e99dd600 53 API calls 9737->9740 9742 7ff7e99dced2 9738->9742 9743 7ff7e99dcf04 9738->9743 9739->9755 9740->9755 9741 7ff7e99dd53c 54 API calls 9741->9755 9744 7ff7e99dcede 9742->9744 9742->9745 9749 7ff7e99dcead 9742->9749 9747 7ff7e99dbbc0 54 API calls 9743->9747 9744->9732 9744->9749 9750 7ff7e99dd6b4 53 API calls 9745->9750 9746 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9751 7ff7e99dd242 9746->9751 9747->9755 9748->9749 9752 7ff7e99dce7d 9748->9752 9753 7ff7e99dbf98 54 API calls 9749->9753 9749->9758 9750->9755 9751->9691 9752->9735 9752->9754 9752->9755 9753->9755 9754->9741 9754->9758 9756 7ff7e99dd7d0 53 API calls 9755->9756 9755->9758 9759 7ff7e99dd129 9755->9759 9756->9759 9757 7ff7e99e0e30 54 API calls 9757->9759 9758->9746 9759->9757 9759->9758 9951 7ff7e99db468 9760->9951 9764 7ff7e99dd56f 9763->9764 9765 7ff7e99dd58d 9764->9765 9766 7ff7e99dd7d0 53 API calls 9764->9766 9768 7ff7e99dd5b4 9764->9768 9767 7ff7e99e0e30 54 API calls 9765->9767 9766->9765 9767->9768 9768->9721 9770 7ff7e99dbfbe 9769->9770 9771 7ff7e99dbfe8 9770->9771 9773 7ff7e99dc09f 9770->9773 9775 7ff7e99dc024 9771->9775 9827 7ff7e99db37c 9771->9827 9774 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9773->9774 9774->9775 9775->9721 9777 7ff7e99dd6f5 9776->9777 9779 7ff7e99dd6f9 9777->9779 9842 7ff7e99dd74c 9777->9842 9779->9721 9781 7ff7e99dbbe6 9780->9781 9782 7ff7e99dbc10 9781->9782 9784 7ff7e99dbcc7 9781->9784 9783 7ff7e99db37c 12 API calls 9782->9783 9786 7ff7e99dbc4c 9782->9786 9783->9786 9785 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9784->9785 9785->9786 9786->9721 9789 7ff7e99dd61f 9787->9789 9788 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9790 7ff7e99dd650 9788->9790 9789->9788 9789->9790 9790->9721 9792 7ff7e99dbdd2 9791->9792 9793 7ff7e99dbdfc 9792->9793 9795 7ff7e99dbeb3 9792->9795 9794 7ff7e99db37c 12 API calls 9793->9794 9797 7ff7e99dbe38 9793->9797 9794->9797 9796 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9795->9796 9796->9797 9797->9721 9799 7ff7e99dd302 9798->9799 9846 7ff7e99db2d4 9799->9846 9804 7ff7e99dd7d0 53 API calls 9806 7ff7e99dd440 9804->9806 9805 7ff7e99dd7d0 53 API calls 9807 7ff7e99dd4ce 9805->9807 9806->9805 9806->9806 9806->9807 9807->9721 9809 7ff7e99dc5c0 _invalid_parameter_noinfo_noreturn 53 API calls 9808->9809 9810 7ff7e99dd7e7 9809->9810 9918 7ff7e99dff74 9810->9918 9817 7ff7e99e0e61 9815->9817 9825 7ff7e99e0e6f 9815->9825 9816 7ff7e99e0e8f 9819 7ff7e99e0ea0 9816->9819 9820 7ff7e99e0ec7 9816->9820 9817->9816 9818 7ff7e99dd7d0 53 API calls 9817->9818 9817->9825 9818->9816 9941 7ff7e99e60e8 9819->9941 9822 7ff7e99e0f52 9820->9822 9823 7ff7e99e0ef1 9820->9823 9820->9825 9824 7ff7e99e3128 MultiByteToWideChar 9822->9824 9823->9825 9944 7ff7e99e3128 9823->9944 9824->9825 9825->9724 9828 7ff7e99db3b3 9827->9828 9829 7ff7e99db3a2 9827->9829 9828->9829 9835 7ff7e99dfd08 9828->9835 9829->9775 9832 7ff7e99db3f8 9834 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9832->9834 9833 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9833->9832 9834->9829 9836 7ff7e99dfd53 9835->9836 9841 7ff7e99dfd17 BuildCatchObjectHelperInternal 9835->9841 9838 7ff7e99de154 _set_errno_from_matherr 11 API calls 9836->9838 9837 7ff7e99dfd3a HeapAlloc 9839 7ff7e99db3e4 9837->9839 9837->9841 9838->9839 9839->9832 9839->9833 9840 7ff7e99df574 BuildCatchObjectHelperInternal EnterCriticalSection LeaveCriticalSection 9840->9841 9841->9836 9841->9837 9841->9840 9843 7ff7e99dd772 9842->9843 9844 7ff7e99dd76a 9842->9844 9843->9779 9845 7ff7e99dd7d0 53 API calls 9844->9845 9845->9843 9847 7ff7e99db30b 9846->9847 9853 7ff7e99db2fa 9846->9853 9848 7ff7e99dfd08 std::_Throw_Cpp_error 12 API calls 9847->9848 9847->9853 9849 7ff7e99db338 9848->9849 9850 7ff7e99db34c 9849->9850 9852 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9849->9852 9851 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 9850->9851 9851->9853 9852->9850 9854 7ff7e99e0b48 9853->9854 9855 7ff7e99e0b65 9854->9855 9856 7ff7e99e0b98 9854->9856 9857 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9855->9857 9856->9855 9858 7ff7e99e0bca 9856->9858 9873 7ff7e99dd41e 9857->9873 9863 7ff7e99e0cdd 9858->9863 9865 7ff7e99e0c12 9858->9865 9859 7ff7e99e0dcf 9909 7ff7e99e0018 9859->9909 9860 7ff7e99e0d95 9902 7ff7e99e03cc 9860->9902 9862 7ff7e99e0d64 9895 7ff7e99e06ac 9862->9895 9863->9859 9863->9860 9863->9862 9866 7ff7e99e0d27 9863->9866 9868 7ff7e99e0d1d 9863->9868 9865->9873 9876 7ff7e99dfba4 9865->9876 9885 7ff7e99e08dc 9866->9885 9868->9860 9870 7ff7e99e0d22 9868->9870 9870->9862 9870->9866 9873->9804 9873->9806 9874 7ff7e99de038 _invalid_parameter_noinfo_noreturn 17 API calls 9875 7ff7e99e0e2c 9874->9875 9877 7ff7e99dfbb1 9876->9877 9878 7ff7e99dfbbb 9876->9878 9877->9878 9883 7ff7e99dfbd6 9877->9883 9879 7ff7e99de154 _set_errno_from_matherr 11 API calls 9878->9879 9880 7ff7e99dfbc2 9879->9880 9881 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9880->9881 9882 7ff7e99dfbce 9881->9882 9882->9873 9882->9874 9883->9882 9884 7ff7e99de154 _set_errno_from_matherr 11 API calls 9883->9884 9884->9880 9886 7ff7e99e4e0c 53 API calls 9885->9886 9887 7ff7e99e0929 9886->9887 9888 7ff7e99e47f0 53 API calls 9887->9888 9889 7ff7e99e0984 9888->9889 9890 7ff7e99e09d9 9889->9890 9891 7ff7e99e09a4 9889->9891 9894 7ff7e99e0988 9889->9894 9892 7ff7e99e04c8 53 API calls 9890->9892 9893 7ff7e99e0784 53 API calls 9891->9893 9892->9894 9893->9894 9894->9873 9896 7ff7e99e4e0c 53 API calls 9895->9896 9897 7ff7e99e06f6 9896->9897 9898 7ff7e99e47f0 53 API calls 9897->9898 9899 7ff7e99e0746 9898->9899 9900 7ff7e99e074a 9899->9900 9901 7ff7e99e0784 53 API calls 9899->9901 9900->9873 9901->9900 9903 7ff7e99e4e0c 53 API calls 9902->9903 9904 7ff7e99e0417 9903->9904 9905 7ff7e99e47f0 53 API calls 9904->9905 9906 7ff7e99e046f 9905->9906 9907 7ff7e99e0473 9906->9907 9908 7ff7e99e04c8 53 API calls 9906->9908 9907->9873 9908->9907 9910 7ff7e99e0090 9909->9910 9911 7ff7e99e005d 9909->9911 9913 7ff7e99e00ab 9910->9913 9915 7ff7e99e012f 9910->9915 9912 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9911->9912 9917 7ff7e99e0089 __scrt_get_show_window_mode 9912->9917 9914 7ff7e99e03cc 53 API calls 9913->9914 9914->9917 9916 7ff7e99dd7d0 53 API calls 9915->9916 9915->9917 9916->9917 9917->9873 9919 7ff7e99dd80f 9918->9919 9920 7ff7e99dff8d 9918->9920 9922 7ff7e99dffe0 9919->9922 9920->9919 9926 7ff7e99e4624 9920->9926 9923 7ff7e99dd81f 9922->9923 9924 7ff7e99dfff9 9922->9924 9923->9724 9924->9923 9938 7ff7e99e2e24 9924->9938 9927 7ff7e99e1360 BuildCatchObjectHelperInternal 53 API calls 9926->9927 9928 7ff7e99e4633 9927->9928 9929 7ff7e99e467e 9928->9929 9930 7ff7e99dfb34 Concurrency::details::SchedulerProxy::DeleteThis EnterCriticalSection 9928->9930 9929->9919 9931 7ff7e99e465c 9930->9931 9932 7ff7e99e4694 11 API calls 9931->9932 9933 7ff7e99e466c 9932->9933 9934 7ff7e99dfb88 Concurrency::details::SchedulerProxy::DeleteThis LeaveCriticalSection 9933->9934 9935 7ff7e99e4679 9934->9935 9935->9929 9936 7ff7e99df8f8 BuildCatchObjectHelperInternal 53 API calls 9935->9936 9937 7ff7e99e4691 9936->9937 9939 7ff7e99e1360 BuildCatchObjectHelperInternal 53 API calls 9938->9939 9940 7ff7e99e2e2d 9939->9940 9947 7ff7e99e8690 9941->9947 9945 7ff7e99e3130 MultiByteToWideChar 9944->9945 9950 7ff7e99e86f4 9947->9950 9948 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 9949 7ff7e99e6105 9948->9949 9949->9825 9950->9948 9952 7ff7e99db4af 9951->9952 9953 7ff7e99db49d 9951->9953 9956 7ff7e99db4bd 9952->9956 9960 7ff7e99db4f9 9952->9960 9954 7ff7e99de154 _set_errno_from_matherr 11 API calls 9953->9954 9955 7ff7e99db4a2 9954->9955 9957 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9955->9957 9958 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 9956->9958 9965 7ff7e99db4ad 9957->9965 9958->9965 9959 7ff7e99db859 9961 7ff7e99de154 _set_errno_from_matherr 11 API calls 9959->9961 9959->9965 9960->9959 9962 7ff7e99de154 _set_errno_from_matherr 11 API calls 9960->9962 9963 7ff7e99dbaf9 9961->9963 9964 7ff7e99db84e 9962->9964 9966 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9963->9966 9967 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9964->9967 9965->9691 9966->9965 9967->9959 9969 7ff7e99d354b 9968->9969 9970 7ff7e99d3558 LeaveCriticalSection 9968->9970 9969->9970 9971 7ff7e99d3554 9969->9971 9972 7ff7e99d3586 9969->9972 9970->9617 9971->9970 9973 7ff7e99d1060 2 API calls 9972->9973 9974 7ff7e99d3590 9973->9974 9974->9617 9976 7ff7e99d10c8 LockResource 9975->9976 9978 7ff7e99d10ef 9975->9978 9977 7ff7e99d10d9 SizeofResource 9976->9977 9976->9978 9977->9978 9978->9617 9982 7ff7e99db0b5 9979->9982 9986 7ff7e99db0b1 BuildCatchObjectHelperInternal 9979->9986 9980 7ff7e99db0ba 9981 7ff7e99de154 _set_errno_from_matherr 11 API calls 9980->9981 9983 7ff7e99db0bf 9981->9983 9982->9980 9984 7ff7e99db0fe 9982->9984 9982->9986 9985 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 9983->9985 9984->9986 9987 7ff7e99de154 _set_errno_from_matherr 11 API calls 9984->9987 9985->9986 9986->9634 9987->9983 9989 7ff7e99d1060 2 API calls 9988->9989 9993 7ff7e99d19ce 9989->9993 9990 7ff7e99d19f6 BuildCatchObjectHelperInternal 9991 7ff7e99d1060 2 API calls 9990->9991 9994 7ff7e99d1a16 9990->9994 10000 7ff7e99d1b5b std::_Throw_Cpp_error 9991->10000 9992 7ff7e99d1aa1 9995 7ff7e99d1ab3 9992->9995 9996 7ff7e99d1af5 9992->9996 9993->9990 9993->9992 9997 7ff7e99d1840 57 API calls 9993->9997 9994->9661 9995->9990 9998 7ff7e99d1ac1 9995->9998 9999 7ff7e99d1ace 9995->9999 9996->9990 10001 7ff7e99d1b02 9996->10001 10005 7ff7e99d1ae0 __scrt_get_show_window_mode 9996->10005 9997->9992 10003 7ff7e99de154 _set_errno_from_matherr 11 API calls 9998->10003 10004 7ff7e99d1ad3 9999->10004 9999->10005 10006 7ff7e99ddb4c 55 API calls 10000->10006 10002 7ff7e99de154 _set_errno_from_matherr 11 API calls 10001->10002 10007 7ff7e99d1ac6 10002->10007 10003->10007 10008 7ff7e99de154 _set_errno_from_matherr 11 API calls 10004->10008 10005->9990 10010 7ff7e99de154 _set_errno_from_matherr 11 API calls 10005->10010 10009 7ff7e99d1ba4 10006->10009 10011 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 10007->10011 10008->10007 10009->9661 10010->10007 10011->9990 10013 7ff7e99db15f 10012->10013 10014 7ff7e99db18b 10012->10014 10016 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 10013->10016 10014->10013 10015 7ff7e99db195 10014->10015 10023 7ff7e99dc6b8 10015->10023 10017 7ff7e99db183 10016->10017 10019 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 10017->10019 10020 7ff7e99db2a4 10019->10020 10020->9674 10021 7ff7e99dfccc Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 10021->10017 10024 7ff7e99dc6f6 10023->10024 10025 7ff7e99dc6e6 10023->10025 10026 7ff7e99dc6fc 10024->10026 10030 7ff7e99dc72c 10024->10030 10029 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 10025->10029 10027 7ff7e99ddf18 _invalid_parameter_noinfo_noreturn 53 API calls 10026->10027 10028 7ff7e99db233 10027->10028 10028->10021 10029->10028 10030->10025 10030->10028 10031 7ff7e99dc628 53 API calls 10030->10031 10032 7ff7e99dcc58 55 API calls 10030->10032 10033 7ff7e99dce04 55 API calls 10030->10033 10031->10030 10032->10030 10033->10030 10042 7ff7e99d2d5b 10034->10042 10035 7ff7e99d2ea4 10040 7ff7e99d1060 2 API calls 10035->10040 10036 7ff7e99d2e9f 10060 7ff7e99d3430 10036->10060 10037 7ff7e99d2e17 10038 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10037->10038 10041 7ff7e99d2e2b 10038->10041 10043 7ff7e99d2eaf 10040->10043 10046 7ff7e99d2eb0 10041->10046 10042->10035 10042->10036 10042->10037 10045 7ff7e99d2e48 10042->10045 10045->9497 10047 7ff7e99d2ec6 10046->10047 10048 7ff7e99d2ed4 10047->10048 10049 7ff7e99d2f93 10047->10049 10056 7ff7e99d2f00 __scrt_get_show_window_mode 10047->10056 10048->10045 10050 7ff7e99d19c0 57 API calls 10049->10050 10052 7ff7e99d2f98 10050->10052 10051 7ff7e99d2f33 10053 7ff7e99de154 _set_errno_from_matherr 11 API calls 10051->10053 10054 7ff7e99d2f38 10053->10054 10058 7ff7e99ddfe8 _invalid_parameter_noinfo 53 API calls 10054->10058 10055 7ff7e99d2f4a BuildCatchObjectHelperInternal 10055->10045 10056->10051 10056->10055 10057 7ff7e99d2f66 10056->10057 10057->10055 10059 7ff7e99de154 _set_errno_from_matherr 11 API calls 10057->10059 10058->10055 10059->10054 10063 7ff7e99d54d8 10060->10063 10068 7ff7e99d5454 10063->10068 10066 7ff7e99d65c0 std::_Xinvalid_argument 2 API calls 10067 7ff7e99d54fa 10066->10067 10071 7ff7e99d6504 10068->10071 10070 7ff7e99d5488 10070->10066 10072 7ff7e99d6525 10071->10072 10073 7ff7e99d655a __vcrt_freefls 10071->10073 10072->10073 10074 7ff7e99dfba4 std::_Xinvalid_argument 53 API calls 10072->10074 10073->10070 10074->10073 10076 7ff7e99d4cc4 10075->10076 10076->10076 10087 7ff7e99d461c 10076->10087 10078 7ff7e99d4cda 10097 7ff7e99d4ac8 10078->10097 10080 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 10083 7ff7e99d4d92 10080->10083 10081 7ff7e99d4d74 10081->10080 10082 7ff7e99d4cfb std::_Throw_Cpp_error 10082->10081 10084 7ff7e99d4da2 10082->10084 10083->9515 10109 7ff7e99de008 10084->10109 10088 7ff7e99d4651 10087->10088 10089 7ff7e99d4742 10087->10089 10091 7ff7e99d467d 10088->10091 10093 7ff7e99d46af 10088->10093 10096 7ff7e99d465f std::_Throw_Cpp_error BuildCatchObjectHelperInternal 10088->10096 10123 7ff7e99d4fe4 10089->10123 10114 7ff7e99d3250 10091->10114 10095 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10093->10095 10093->10096 10095->10096 10096->10078 10098 7ff7e99d4b0d 10097->10098 10126 7ff7e99d4748 10098->10126 10100 7ff7e99d4b1c 10136 7ff7e99d4e18 10100->10136 10103 7ff7e99d6504 std::_Xinvalid_argument 53 API calls 10104 7ff7e99d4b64 10103->10104 10148 7ff7e99d4f18 10104->10148 10106 7ff7e99d4b77 10107 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 10106->10107 10108 7ff7e99d4b98 10107->10108 10108->10082 10110 7ff7e99dde7c _invalid_parameter_noinfo_noreturn 53 API calls 10109->10110 10111 7ff7e99de021 10110->10111 10112 7ff7e99de038 _invalid_parameter_noinfo_noreturn 17 API calls 10111->10112 10113 7ff7e99de036 10112->10113 10115 7ff7e99d3283 10114->10115 10116 7ff7e99d325d 10114->10116 10117 7ff7e99d3410 Concurrency::cancel_current_task 2 API calls 10115->10117 10118 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10116->10118 10119 7ff7e99d3289 10117->10119 10120 7ff7e99d3265 10118->10120 10121 7ff7e99d326d 10120->10121 10122 7ff7e99de008 _invalid_parameter_noinfo_noreturn 53 API calls 10120->10122 10121->10096 10122->10115 10124 7ff7e99d54d8 std::_Xinvalid_argument 55 API calls 10123->10124 10125 7ff7e99d4ff4 10124->10125 10127 7ff7e99d4778 10126->10127 10128 7ff7e99d485a 10126->10128 10130 7ff7e99d47a3 10127->10130 10132 7ff7e99d47d2 10127->10132 10134 7ff7e99d4786 std::_Throw_Cpp_error BuildCatchObjectHelperInternal 10127->10134 10129 7ff7e99d4fe4 std::_Throw_Cpp_error 55 API calls 10128->10129 10131 7ff7e99d485f 10129->10131 10133 7ff7e99d3250 std::_Throw_Cpp_error 67 API calls 10130->10133 10132->10134 10135 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10132->10135 10133->10134 10134->10100 10135->10134 10137 7ff7e99d4e5e 10136->10137 10138 7ff7e99d4e49 10136->10138 10140 7ff7e99d4ff8 std::_Throw_Cpp_error 67 API calls 10137->10140 10153 7ff7e99d4ff8 10138->10153 10141 7ff7e99d4e96 10140->10141 10142 7ff7e99d4f18 std::_Throw_Cpp_error 53 API calls 10141->10142 10143 7ff7e99d4ea1 std::_Throw_Cpp_error 10142->10143 10144 7ff7e99d4f18 std::_Throw_Cpp_error 53 API calls 10143->10144 10145 7ff7e99d4eb5 10144->10145 10146 7ff7e99d3730 std::_Throw_Cpp_error 8 API calls 10145->10146 10147 7ff7e99d4b35 10146->10147 10147->10103 10149 7ff7e99d4fb0 10148->10149 10150 7ff7e99d4f40 std::_Throw_Cpp_error 10148->10150 10149->10106 10150->10149 10151 7ff7e99de008 _invalid_parameter_noinfo_noreturn 53 API calls 10150->10151 10152 7ff7e99d4fe2 10151->10152 10154 7ff7e99d50a1 10153->10154 10156 7ff7e99d5026 std::_Throw_Cpp_error BuildCatchObjectHelperInternal 10153->10156 10157 7ff7e99d4860 10154->10157 10156->10137 10158 7ff7e99d48a4 10157->10158 10159 7ff7e99d4a4e 10157->10159 10160 7ff7e99d48b8 10158->10160 10163 7ff7e99d48fa 10158->10163 10161 7ff7e99d4fe4 std::_Throw_Cpp_error 55 API calls 10159->10161 10164 7ff7e99d3250 std::_Throw_Cpp_error 67 API calls 10160->10164 10162 7ff7e99d4a54 10161->10162 10165 7ff7e99d3aa8 std::_Throw_Cpp_error 67 API calls 10163->10165 10166 7ff7e99d48f5 std::_Throw_Cpp_error BuildCatchObjectHelperInternal 10163->10166 10164->10166 10165->10166 10167 7ff7e99d49b3 std::_Throw_Cpp_error BuildCatchObjectHelperInternal 10166->10167 10168 7ff7e99de008 _invalid_parameter_noinfo_noreturn 53 API calls 10166->10168 10167->10156 10168->10159 10170 7ff7e99d56d8 EnterCriticalSection 10169->10170

                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                            Function 00007FF7E99E19AC Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,00007FF7E99E1C72,?,?,00000003,00007FF7E99DFA01), ref: 00007FF7E99E1B2B
                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?,?,00007FF7E99E1C72,?,?,00000003,00007FF7E99DFA01), ref: 00007FF7E99E1B37
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000002.00000002.2879765216.00007FF7E99D1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF7E99D0000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879696795.00007FF7E99D0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879821342.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879948636.00007FF7E99F9000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879997810.00007FF7E99FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7e99d0000_bitsumsessionagent.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                                            • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                            • API String ID: 3013587201-537541572
                                                                                                                                                                                                                            • Opcode ID: c04a9000a2b9fbfb6d4fed97f3f18227ee4a2e96c6c40cb0326599ae16701adb
                                                                                                                                                                                                                            • Instruction ID: 3dc0a405a378e9a1ebfada7ce15154abae18705b767a6e4c77fdb18b758cca63
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c04a9000a2b9fbfb6d4fed97f3f18227ee4a2e96c6c40cb0326599ae16701adb
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F41B463B1DA4241EA25EF16A8047B9A3F1BF85BD0F884537DD1D87788EE3CE4458362
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF7E99D29E0 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 242registryCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                            control_flow_graph 242 7ff7e99d29e0-7ff7e99d2a18 call 7ff7e99d1200 245 7ff7e99d2cfc-7ff7e99d2d06 call 7ff7e99d1060 242->245 246 7ff7e99d2a1e-7ff7e99d2a41 242->246 250 7ff7e99d2d07-7ff7e99d2d11 call 7ff7e99d1060 245->250 251 7ff7e99d2a43-7ff7e99d2a4c call 7ff7e99d1660 246->251 252 7ff7e99d2a4e-7ff7e99d2a5c call 7ff7e99d19d0 246->252 259 7ff7e99d2a5d-7ff7e99d2a73 251->259 252->259 260 7ff7e99d2a75-7ff7e99d2a78 259->260 261 7ff7e99d2ac6-7ff7e99d2aca 259->261 260->245 262 7ff7e99d2a7e-7ff7e99d2a88 260->262 263 7ff7e99d2b04 261->263 264 7ff7e99d2acc-7ff7e99d2ad3 261->264 265 7ff7e99d2a90-7ff7e99d2a98 262->265 266 7ff7e99d2b07-7ff7e99d2b1a 263->266 264->245 267 7ff7e99d2ad9-7ff7e99d2adf 264->267 268 7ff7e99d2aa8-7ff7e99d2aaa 265->268 269 7ff7e99d2a9a-7ff7e99d2aa1 265->269 270 7ff7e99d2b1c-7ff7e99d2b25 266->270 271 7ff7e99d2b28-7ff7e99d2b2b 266->271 272 7ff7e99d2ae0-7ff7e99d2ae8 267->272 276 7ff7e99d2aad-7ff7e99d2ab2 268->276 269->265 275 7ff7e99d2aa3-7ff7e99d2aa6 269->275 270->271 277 7ff7e99d2b31-7ff7e99d2b74 RegCreateKeyExW 271->277 278 7ff7e99d2c79 271->278 273 7ff7e99d2af8-7ff7e99d2afa 272->273 274 7ff7e99d2aea-7ff7e99d2af1 272->274 280 7ff7e99d2afd-7ff7e99d2b02 273->280 274->272 279 7ff7e99d2af3-7ff7e99d2af6 274->279 275->276 283 7ff7e99d2ab4-7ff7e99d2ab8 276->283 284 7ff7e99d2aba-7ff7e99d2abd 276->284 285 7ff7e99d2c49-7ff7e99d2c50 277->285 286 7ff7e99d2b7a-7ff7e99d2bb7 RegQueryValueExW 277->286 281 7ff7e99d2c7c-7ff7e99d2c87 call 7ff7e99d1200 278->281 279->280 280->263 280->266 296 7ff7e99d2cf1-7ff7e99d2cfb call 7ff7e99d1060 281->296 297 7ff7e99d2c89-7ff7e99d2ca2 281->297 288 7ff7e99d2ac0-7ff7e99d2ac4 283->288 284->288 291 7ff7e99d2c52-7ff7e99d2c78 call 7ff7e99d3730 285->291 289 7ff7e99d2c43 RegCloseKey 286->289 290 7ff7e99d2bbd-7ff7e99d2bd4 RegCloseKey call 7ff7e99d1200 286->290 288->260 288->261 289->285 290->250 300 7ff7e99d2bda-7ff7e99d2bf3 290->300 296->245 304 7ff7e99d2ca4-7ff7e99d2cac call 7ff7e99d1660 297->304 305 7ff7e99d2cae-7ff7e99d2cbc call 7ff7e99d19d0 297->305 306 7ff7e99d2bf5-7ff7e99d2bfe call 7ff7e99d1660 300->306 307 7ff7e99d2c00-7ff7e99d2c09 call 7ff7e99d19d0 300->307 316 7ff7e99d2cbd-7ff7e99d2cdf call 7ff7e99d2d20 304->316 305->316 315 7ff7e99d2c0e-7ff7e99d2c36 call 7ff7e99d2d20 306->315 307->315 315->281 323 7ff7e99d2c38-7ff7e99d2c41 315->323 321 7ff7e99d2ce1-7ff7e99d2ce4 316->321 322 7ff7e99d2cea-7ff7e99d2cec 316->322 321->322 322->291 323->281
                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1200: GetProcessHeap.KERNEL32 ref: 00007FF7E99D1249
                                                                                                                                                                                                                            • RegCreateKeyExW.KERNELBASE ref: 00007FF7E99D2B6C
                                                                                                                                                                                                                            • RegQueryValueExW.KERNELBASE ref: 00007FF7E99D2BAB
                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32 ref: 00007FF7E99D2C43
                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32 ref: 00007FF7E99D2BC3
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1660: FindResourceExW.KERNEL32(00000000,?,00000000,00007FF7E99D1558), ref: 00007FF7E99D16BD
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1660: FindResourceW.KERNEL32(?,00000000,00007FF7E99D1558), ref: 00007FF7E99D1728
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1660: LoadResource.KERNEL32(?,00000000,00007FF7E99D1558), ref: 00007FF7E99D1740
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1660: LockResource.KERNEL32(?,00000000,00007FF7E99D1558), ref: 00007FF7E99D1752
                                                                                                                                                                                                                              • Part of subcall function 00007FF7E99D1660: SizeofResource.KERNEL32(?,00000000,00007FF7E99D1558), ref: 00007FF7E99D176A
                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000002.00000002.2879765216.00007FF7E99D1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF7E99D0000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879696795.00007FF7E99D0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879821342.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879948636.00007FF7E99F9000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879997810.00007FF7E99FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7e99d0000_bitsumsessionagent.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: Resource$CloseFind$CreateHeapLoadLockProcessQuerySizeofValue
                                                                                                                                                                                                                            • String ID: agentrefreshrate
                                                                                                                                                                                                                            • API String ID: 4289629412-718543578
                                                                                                                                                                                                                            • Opcode ID: 16629ecb85a86f6d5f5d678b2133b8a326ddfa6b759679b018d45c9135c4b321
                                                                                                                                                                                                                            • Instruction ID: 82e1fe5d2d6a2c7e6c363fb0c3b4e28b40bd9ccb9b559679645933f90f5197fe
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 16629ecb85a86f6d5f5d678b2133b8a326ddfa6b759679b018d45c9135c4b321
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CC91A963B08A4286EB24EF65D4983BDA3B0FB80B98F814137DA1E07794DE39D944C361
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                            Function 00007FF7E99DE224 Relevance: 3.0, APIs: 2, Instructions: 31threadCOMMON
                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                            • Source File: 00000002.00000002.2879765216.00007FF7E99D1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF7E99D0000, based on PE: true
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879696795.00007FF7E99D0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879821342.00007FF7E99EB000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879948636.00007FF7E99F9000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            • Associated: 00000002.00000002.2879997810.00007FF7E99FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_7ff7e99d0000_bitsumsessionagent.jbxd
                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                            • API ID: ErrorExitLastThread
                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                            • API String ID: 1611280651-0
                                                                                                                                                                                                                            • Opcode ID: 68c48ff94bca0511506d4b424f06e6154fe7fef04bd87d11fd1cd8b99b249ce1
                                                                                                                                                                                                                            • Instruction ID: ee63e5e14b5f0bd97cdb0c851776920953aa2e731e0a71ff848212b6f2640bdc
                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 68c48ff94bca0511506d4b424f06e6154fe7fef04bd87d11fd1cd8b99b249ce1
                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4EF06227E0E60246EF15BFB1945A37C92F0AF95B40F841037D90983392DE3CA4408223
                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                            Uniqueness Score: -1.00%